Vulnerabilities > Oracle > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-24 | CVE-2022-25636 | Improper Privilege Management vulnerability in multiple products. net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. | 7.8 |
2022-02-18 | CVE-2021-20322 | Use of Insufficiently Random Values vulnerability in multiple products. A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. | 7.4 |
2022-02-18 | CVE-2022-25314 | Integer Overflow or Wraparound vulnerability in multiple products. In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | 7.5 |
2022-02-17 | CVE-2022-23632 | Traefik is an HTTP reverse proxy and load balancer. | 7.5 |
2022-02-16 | CVE-2021-3752 | Race Condition vulnerability in multiple products. A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. | 7.1 |
2022-02-16 | CVE-2021-3551 | Cleartext Storage of Sensitive Information vulnerability in multiple products. A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. | 7.8 |
2022-02-09 | CVE-2022-0391 | Injection vulnerability in multiple products. A flaw was found in Python, specifically within the urllib.parse module. | 7.5 |
2022-02-01 | CVE-2021-43859 | Resource Exhaustion vulnerability in multiple products. XStream is an open source java library to serialize objects to XML and back again. | 7.5 |
2022-01-28 | CVE-2021-4034 | Out-of-bounds Write vulnerability in multiple products. A local privilege escalation vulnerability was found on polkit's pkexec utility. | 7.8 |
2022-01-27 | CVE-2022-23181 | The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. | 7.0 |