Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2021-3941	In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. local low complexity openexr redhat fedoraproject debian	6.5
2022-03-25	CVE-2021-4147	Improper Locking vulnerability in multiple products A flaw was found in the libvirt libxl driver. local low complexity redhat fedoraproject netapp CWE-667	6.5
2022-03-25	CVE-2022-0322	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. local low complexity linux fedoraproject oracle CWE-704	5.5
2022-03-24	CVE-2022-24769	Moby is an open-source project created by Docker to enable and accelerate software containerization. local low complexity mobyproject fedoraproject linuxfoundation debian	5.9
2022-03-23	CVE-2021-4148	Improper Validation of Integrity Check Value vulnerability in multiple products A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. local low complexity linux fedoraproject CWE-354	5.5
2022-03-23	CVE-2022-0996	Improper Authentication vulnerability in multiple products A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. network low complexity redhat fedoraproject CWE-287	6.5
2022-03-23	CVE-2022-0396	Improper Resource Shutdown or Release vulnerability in multiple products BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. network low complexity isc fedoraproject netapp siemens CWE-404	5.3
2022-03-17	CVE-2022-24302	Race Condition vulnerability in multiple products In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. network high complexity paramiko debian fedoraproject CWE-362	5.9
2022-03-16	CVE-2021-23648	Cross-site Scripting vulnerability in multiple products The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. network low complexity paypal fedoraproject CWE-79	6.1
2022-03-16	CVE-2022-24728	Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject CWE-79	5.4