High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-19	CVE-2022-21476	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network low complexity oracle netapp debian azul	7.5
2022-04-13	CVE-2015-20107	Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. network low complexity python netapp fedoraproject CWE-77	7.6
2022-04-13	CVE-2022-29156	Double Free vulnerability in multiple products drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. local low complexity linux netapp CWE-415	7.8
2022-04-11	CVE-2022-28893	Use After Free vulnerability in multiple products The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. local low complexity linux netapp debian CWE-416	7.8
2022-04-08	CVE-2022-28796	Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. local high complexity linux redhat fedoraproject netapp CWE-362	7.0
2022-04-04	CVE-2022-24785	Path Traversal: 'dir/../../filename' vulnerability in multiple products Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs tenable netapp fedoraproject debian CWE-27	7.5
2022-04-03	CVE-2022-28390	Double Free vulnerability in multiple products ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	7.8
2022-03-30	CVE-2022-0998	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. local low complexity linux netapp CWE-190	7.8
2022-03-29	CVE-2022-1055	Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. local low complexity linux redhat fedoraproject canonical netapp CWE-416	7.8
2022-03-25	CVE-2021-4157	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). low complexity linux fedoraproject netapp oracle CWE-119	8.0