High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-29	CVE-2022-24122	Use After Free vulnerability in multiple products kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. local low complexity linux netapp fedoraproject CWE-416	7.8
2022-01-28	CVE-2022-0393	Out-of-bounds Read vulnerability in multiple products Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject CWE-125	7.1
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5
2022-01-25	CVE-2022-23033	Improper Resource Shutdown or Release vulnerability in multiple products arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. local low complexity xen fedoraproject debian CWE-404	7.8
2022-01-25	CVE-2021-45342	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. local low complexity librecad fedoraproject debian CWE-120	7.8
2022-01-25	CVE-2021-45341	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. network low complexity librecad fedoraproject debian CWE-120	8.8
2022-01-20	CVE-2021-45417	Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787	7.8
2022-01-19	CVE-2022-21699	Incorrect Execution-Assigned Permissions vulnerability in multiple products IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. local low complexity ipython debian fedoraproject CWE-279	8.8
2022-01-15	CVE-2021-44537	Injection vulnerability in multiple products ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. local low complexity owncloud fedoraproject CWE-74	7.8
2022-01-15	CVE-2022-23094	NULL Pointer Dereference vulnerability in multiple products Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. network low complexity libreswan fedoraproject debian CWE-476	7.5