Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-01	CVE-2021-46665	MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. local low complexity mariadb fedoraproject	5.5
2022-02-01	CVE-2021-46667	Integer Overflow or Wraparound vulnerability in multiple products MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. local low complexity mariadb fedoraproject CWE-190	5.5
2022-02-01	CVE-2021-46668	Resource Exhaustion vulnerability in multiple products MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. local low complexity mariadb fedoraproject CWE-400	5.5
2022-01-31	CVE-2022-24130	Classic Buffer Overflow vulnerability in multiple products xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. local low complexity invisible-island debian fedoraproject CWE-120	5.5
2022-01-29	CVE-2021-46659	MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. local low complexity mariadb fedoraproject	5.5
2022-01-28	CVE-2022-23598	laminas-form is a package for validating and displaying simple and complex forms. network low complexity getlaminas fedoraproject	6.1
2022-01-26	CVE-2021-22570	NULL Pointer Dereference vulnerability in multiple products Nullptr dereference when a null char is present in a proto symbol. local low complexity google debian fedoraproject oracle netapp CWE-476	5.5
2022-01-25	CVE-2022-23034	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. local low complexity xen fedoraproject debian CWE-191	5.5
2022-01-25	CVE-2022-23035	Incomplete Cleanup vulnerability in multiple products Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. low complexity xen fedoraproject debian CWE-459	4.6
2022-01-25	CVE-2021-45343	NULL Pointer Dereference vulnerability in multiple products In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. local low complexity librecad fedoraproject debian CWE-476	5.5