Http Server

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-18	CVE-2022-25315	Integer Overflow or Wraparound vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-190 critical	9.8
2022-02-16	CVE-2022-25235	Improper Encoding or Escaping of Output vulnerability in multiple products xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-116 critical	9.8
2022-02-16	CVE-2022-25236	Exposure of Resource to Wrong Sphere vulnerability in multiple products xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. network low complexity libexpat-project debian oracle siemens CWE-668 critical	9.8
2022-02-09	CVE-2022-0391	Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. network low complexity python netapp fedoraproject oracle CWE-74	7.5
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2022-01-19	CVE-2022-21271	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network low complexity oracle netapp	5.3
2022-01-19	CVE-2022-21375	Unspecified vulnerability in Oracle Http Server, Solaris and ZFS Storage Appliance KIT Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). local low complexity oracle	4.9
2021-12-30	CVE-2021-4181	Out-of-bounds Read vulnerability in multiple products Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-125	7.5
2021-12-30	CVE-2021-4182	Infinite Loop vulnerability in multiple products Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject oracle CWE-835	7.5
2021-12-30	CVE-2021-4183	Out-of-bounds Read vulnerability in multiple products Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file local low complexity wireshark fedoraproject oracle CWE-125	5.5