High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-24	CVE-2022-43680	Use After Free vulnerability in multiple products In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. network low complexity libexpat-project debian fedoraproject netapp CWE-416	7.5
2022-06-02	CVE-2022-27778	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. network low complexity haxx netapp oracle splunk CWE-706	8.1
2022-04-11	CVE-2022-28893	Use After Free vulnerability in multiple products The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. local low complexity linux netapp debian CWE-416	7.8
2022-04-08	CVE-2022-28796	Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. local high complexity linux redhat fedoraproject netapp CWE-362	7.0
2022-02-18	CVE-2021-20322	Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. network high complexity linux fedoraproject debian netapp oracle CWE-330	7.4
2021-12-25	CVE-2021-45485	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. network low complexity linux netapp oracle CWE-327	7.5
2021-06-11	CVE-2021-22901	Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. network high complexity haxx oracle netapp siemens splunk CWE-416	8.1
2021-03-05	CVE-2021-28041	Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. network high complexity openbsd fedoraproject netapp oracle CWE-415	7.1
2020-11-28	CVE-2020-29370	Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. local high complexity linux netapp CWE-362	7.0
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0