Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-03	CVE-2022-1292	OS Command Injection vulnerability in multiple products The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. network low complexity openssl debian netapp oracle fedoraproject CWE-78 critical	9.8
2021-11-15	CVE-2021-42377	Release of Invalid Pointer or Reference vulnerability in multiple products An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. network low complexity busybox fedoraproject netapp CWE-763 critical	9.8
2021-11-02	CVE-2021-43267	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. network low complexity linux fedoraproject netapp CWE-1284 critical	9.8
2021-09-23	CVE-2021-22945	Double Free vulnerability in multiple products When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. network low complexity haxx fedoraproject netapp oracle apple siemens debian splunk CWE-415 critical	9.1
2021-05-25	CVE-2021-33574	Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. network low complexity gnu fedoraproject netapp debian CWE-416 critical	9.8