High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-06	CVE-2021-43138	In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. local low complexity async-project fedoraproject	7.8
2022-04-05	CVE-2022-26357	Race Condition vulnerability in multiple products race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. local high complexity xen debian fedoraproject CWE-362	7.0
2022-04-05	CVE-2022-26358	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26359	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26360	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2022-26361	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5
2022-04-04	CVE-2022-27650	Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. network high complexity crun-project fedoraproject redhat CWE-276	7.5
2022-04-04	CVE-2022-24801	Twisted is an event-based framework for internet applications, supporting Python 3.6+. network high complexity twisted debian fedoraproject oracle	8.1
2022-04-04	CVE-2022-24785	Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs tenable netapp fedoraproject debian	7.5