High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-23	CVE-2022-40304	Double Free vulnerability in multiple products An issue was discovered in libxml2 before 2.10.3. local low complexity xmlsoft netapp apple CWE-415	7.8
2022-11-23	CVE-2022-40303	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in libxml2 before 2.10.3. network low complexity xmlsoft netapp apple CWE-190	7.5
2022-05-03	CVE-2022-1473	Incomplete Cleanup vulnerability in multiple products The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. network low complexity openssl netapp CWE-459	7.5
2022-02-26	CVE-2022-23308	Use After Free vulnerability in multiple products valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. network low complexity xmlsoft fedoraproject debian apple netapp oracle CWE-416	7.5
2022-01-18	CVE-2022-23302	Deserialization of Untrusted Data vulnerability in multiple products JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. network low complexity apache netapp broadcom qos oracle CWE-502	8.8
2021-08-23	CVE-2021-39150	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39152	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39139	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle CWE-434	8.8
2021-08-23	CVE-2021-39141	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39144	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-502	8.5