Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-21	CVE-2021-44141	Link Following vulnerability in multiple products All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. network low complexity samba redhat fedoraproject CWE-59	4.3
2022-02-18	CVE-2022-23645	swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. local low complexity swtpm-project redhat fedoraproject	5.5
2022-02-18	CVE-2016-2124	Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. network high complexity samba debian fedoraproject redhat canonical CWE-287	5.9
2022-02-18	CVE-2021-20320	A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. local low complexity linux fedoraproject redhat	5.5
2022-02-18	CVE-2022-0585	Excessive Iteration vulnerability in multiple products Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-834	6.5
2022-02-18	CVE-2022-25313	Uncontrolled Recursion vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-674	6.5
2022-02-16	CVE-2022-25258	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. low complexity linux fedoraproject debian netapp CWE-476	4.6
2022-02-16	CVE-2022-0613	Authorization Bypass Through User-Controlled Key vulnerability in multiple products Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. network low complexity uri-js-project fedoraproject CWE-639	6.5
2022-02-14	CVE-2022-0571	Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. network low complexity phoronix-media fedoraproject	6.1
2022-02-12	CVE-2022-0108	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject CWE-346	6.5