High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-24	CVE-2021-3999	Off-by-one Error vulnerability in multiple products A flaw was found in glibc. local low complexity gnu debian netapp CWE-193	7.8
2022-08-24	CVE-2021-4204	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. local low complexity linux debian redhat netapp CWE-119	7.1
2022-08-23	CVE-2022-2938	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's implementation of Pressure Stall Information. local low complexity linux redhat fedoraproject netapp CWE-416	7.8
2022-08-23	CVE-2022-31676	Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. local low complexity vmware debian fedoraproject netapp CWE-269	7.8
2022-08-18	CVE-2021-33060	Out-of-bounds Write vulnerability in multiple products Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel netapp CWE-787	7.8
2022-08-10	CVE-2022-28131	Uncontrolled Recursion vulnerability in multiple products Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. network low complexity golang fedoraproject netapp CWE-674	7.5
2022-08-05	CVE-2022-1973	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. local low complexity linux fedoraproject netapp CWE-416	7.1
2022-08-03	CVE-2022-35737	Improper Validation of Array Index vulnerability in multiple products SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. network low complexity sqlite netapp splunk CWE-129	7.5
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. network low complexity linux debian netapp	7.5
2022-07-26	CVE-2022-1671	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. local low complexity linux netapp CWE-476	7.1