Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-12	CVE-2022-0120	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website. network low complexity google fedoraproject CWE-346	6.5
2022-02-11	CVE-2022-23634	Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. network high complexity puma rubyonrails debian fedoraproject CWE-404	5.9
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5
2022-02-11	CVE-2022-0562	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff fedoraproject debian netapp CWE-476	5.5
2022-02-09	CVE-2022-0529	Out-of-bounds Write vulnerability in multiple products A flaw was found in Unzip. local low complexity unzip-project redhat fedoraproject debian CWE-787	5.5
2022-02-09	CVE-2022-0530	A flaw was found in Unzip. local low complexity unzip-project redhat fedoraproject apple debian	5.5
2022-02-08	CVE-2022-21713	Authorization Bypass Through User-Controlled Key vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp fedoraproject CWE-639	4.3
2022-02-08	CVE-2022-21702	Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp fedoraproject CWE-79	5.4
2022-02-04	CVE-2021-40403	An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. local low complexity gerbv-project fedoraproject debian	6.3
2022-02-03	CVE-2022-22818	Cross-site Scripting vulnerability in multiple products The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. network low complexity djangoproject fedoraproject debian CWE-79	6.1