Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-10	CVE-2021-22569	An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. network google oracle	4.3
2022-01-01	CVE-2021-45943	Out-of-bounds Write vulnerability in multiple products GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). local low complexity osgeo debian fedoraproject oracle CWE-787	5.5
2021-12-30	CVE-2021-4183	Out-of-bounds Read vulnerability in multiple products Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file local low complexity wireshark fedoraproject oracle CWE-125	5.5
2021-12-28	CVE-2021-44832	Improper Input Validation vulnerability in multiple products Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. network high complexity apache oracle cisco fedoraproject debian CWE-20	6.6
2021-12-18	CVE-2021-45105	Uncontrolled Recursion vulnerability in multiple products Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. network high complexity apache netapp debian sonicwall oracle CWE-674	5.9
2021-12-17	CVE-2021-34141	Incorrect Comparison vulnerability in multiple products An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. network low complexity numpy oracle CWE-697	5.3
2021-12-09	CVE-2021-43797	HTTP Request Smuggling vulnerability in multiple products Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. network low complexity netty quarkus netapp oracle debian CWE-444	6.5
2021-12-07	CVE-2021-42717	Uncontrolled Recursion vulnerability in multiple products ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. network low complexity trustwave f5 debian oracle CWE-674	5.0
2021-11-17	CVE-2021-41165	Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source WYSIWYG HTML editor. network low complexity ckeditor drupal oracle CWE-79	5.4
2021-11-17	CVE-2021-41164	Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source WYSIWYG HTML editor. network low complexity ckeditor drupal oracle fedoraproject CWE-79	5.4