High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-04	CVE-2022-27650	Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. network high complexity crun-project fedoraproject redhat CWE-276	7.5
2022-04-04	CVE-2022-24801	HTTP Request Smuggling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. network high complexity twistedmatrix debian fedoraproject oracle CWE-444	8.1
2022-04-04	CVE-2022-24785	Path Traversal: 'dir/../../filename' vulnerability in multiple products Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs tenable netapp fedoraproject debian CWE-27	7.5
2022-04-03	CVE-2022-28390	Double Free vulnerability in multiple products ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	7.8
2022-04-01	CVE-2021-3847	Improper Preservation of Permissions vulnerability in multiple products An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. local low complexity linux fedoraproject CWE-281	7.2
2022-03-30	CVE-2022-24790	HTTP Request Smuggling vulnerability in multiple products Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. network low complexity puma debian fedoraproject CWE-444	7.5
2022-03-30	CVE-2022-1160	Heap-based Buffer Overflow vulnerability in multiple products heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. local low complexity vim fedoraproject CWE-122	7.8
2022-03-30	CVE-2022-1154	Use After Free vulnerability in multiple products Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. local low complexity vim fedoraproject debian oracle CWE-416	7.8
2022-03-29	CVE-2022-1055	Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. local low complexity linux redhat fedoraproject canonical netapp CWE-416	7.8
2022-03-26	CVE-2022-27940	Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. local low complexity broadcom fedoraproject CWE-125	7.8