High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2022-25271	Improper Input Validation vulnerability in multiple products Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. network low complexity drupal fedoraproject CWE-20	7.5
2022-02-16	CVE-2021-3578	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. local low complexity isync-project fedoraproject debian CWE-704	7.8
2022-02-16	CVE-2021-3752	Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. high complexity linux redhat fedoraproject netapp debian oracle CWE-362	7.1
2022-02-16	CVE-2021-3760	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux fedoraproject debian netapp CWE-416	7.8
2022-02-16	CVE-2021-3551	Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. local low complexity dogtagpki fedoraproject oracle redhat CWE-312	7.8
2022-02-16	CVE-2022-23803	A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. local low complexity kicad fedoraproject debian	7.8
2022-02-16	CVE-2022-23804	A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. local low complexity kicad fedoraproject debian	7.8
2022-02-15	CVE-2022-21698	Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. network low complexity prometheus fedoraproject rdo-project CWE-770	7.5
2022-02-14	CVE-2022-0581	Use After Free vulnerability in multiple products Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-416	7.5
2022-02-14	CVE-2022-0583	Out-of-bounds Write vulnerability in multiple products Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-787	7.5