High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2022-27227	In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. network low complexity powerdns fedoraproject	7.5
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2022-03-23	CVE-2021-3618	ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. network high complexity f5 sendmail vsftpd-project fedoraproject debian	7.4
2022-03-23	CVE-2021-3748	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the virtio-net device of QEMU. local high complexity qemu debian canonical fedoraproject redhat CWE-416	7.5
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-18	CVE-2022-27191	The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. network low complexity golang fedoraproject redhat	7.5
2022-03-16	CVE-2022-24729	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject	7.5
2022-03-15	CVE-2021-45848	Improper Encoding or Escaping of Output vulnerability in multiple products Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character. network low complexity nicotine-plus fedoraproject CWE-116	7.5
2022-03-15	CVE-2022-0778	Infinite Loop vulnerability in multiple products The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. network low complexity openssl debian netapp fedoraproject tenable mariadb nodejs CWE-835	7.5