| 2022-08-23 | CVE-2021-31566 | An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. | 7.8 |
| 2022-07-06 | CVE-2021-3695 | Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. | 4.5 |
| 2022-07-06 | CVE-2021-3696 | Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. | 4.5 |
| 2022-07-06 | CVE-2021-3697 | Out-of-bounds Write vulnerability in multiple products
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. | 7.0 |
| 2022-04-29 | CVE-2022-1227 | Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman. | 8.8 |
| 2022-04-04 | CVE-2022-27649 | Incorrect Default Permissions vulnerability in multiple products
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. | 7.5 |
| 2022-03-18 | CVE-2022-1011 | Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). | 7.8 |
| 2022-03-04 | CVE-2021-3744 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). | 5.5 |
| 2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
| 2020-02-07 | CVE-2019-15605 | HTTP Request Smuggling vulnerability in multiple products
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed | 9.8 |