High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-05	CVE-2022-26358	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26359	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26360	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26361	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5
2022-04-04	CVE-2022-27650	Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. network high complexity crun-project fedoraproject redhat CWE-276	7.5
2022-04-04	CVE-2022-24801	Twisted is an event-based framework for internet applications, supporting Python 3.6+. network high complexity twisted debian fedoraproject oracle	8.1
2022-04-04	CVE-2022-24785	Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs tenable netapp fedoraproject debian	7.5
2022-04-03	CVE-2022-28390	Double Free vulnerability in multiple products ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	7.8
2022-04-01	CVE-2021-3847	Improper Preservation of Permissions vulnerability in multiple products An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. local low complexity linux fedoraproject CWE-281	7.8