High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2021-4157	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). low complexity linux fedoraproject netapp oracle CWE-119	8.0
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-16	CVE-2022-24729	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject	7.5
2022-03-14	CVE-2022-22719	Improper Initialization vulnerability in multiple products A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. network low complexity apache debian fedoraproject oracle apple CWE-665	7.5
2022-03-11	CVE-2020-36518	Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. network low complexity fasterxml oracle debian netapp CWE-787	7.5
2022-03-10	CVE-2021-38296	Authentication Bypass by Capture-replay vulnerability in multiple products Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". network low complexity apache oracle CWE-294	7.5
2022-03-04	CVE-2021-3737	Infinite Loop vulnerability in multiple products A flaw was found in python. network low complexity python redhat fedoraproject canonical netapp oracle CWE-835	7.5
2022-03-04	CVE-2021-3743	An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. local low complexity linux fedoraproject netapp oracle	7.1
2022-03-03	CVE-2022-21716	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. network low complexity twisted debian oracle fedoraproject CWE-770	7.5