High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-18	CVE-2020-25719	Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. network low complexity samba debian fedoraproject canonical redhat CWE-362	7.2
2022-02-18	CVE-2021-4093	Out-of-bounds Write vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). local low complexity linux redhat fedoraproject canonical CWE-787	8.8
2022-02-16	CVE-2021-3752	Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. high complexity linux redhat fedoraproject netapp debian oracle CWE-362	7.1
2022-02-16	CVE-2021-3551	Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. local low complexity dogtagpki fedoraproject oracle redhat CWE-312	7.8
2022-02-04	CVE-2021-4154	Use After Free vulnerability in multiple products A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. local low complexity linux redhat netapp CWE-416	8.8
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2022-01-20	CVE-2021-45417	Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787	7.8
2022-01-12	CVE-2021-43860	Incorrect Default Permissions vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. local low complexity flatpak fedoraproject redhat debian CWE-276	8.6
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5