Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-18	CVE-2021-42778	Double Free vulnerability in multiple products A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. network low complexity opensc-project fedoraproject redhat CWE-415	5.3
2022-04-18	CVE-2021-42779	Use After Free vulnerability in multiple products A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. network low complexity opensc-project fedoraproject redhat CWE-416	5.3
2022-04-18	CVE-2021-42780	Unchecked Return Value vulnerability in multiple products A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-252	5.3
2022-04-18	CVE-2021-42781	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-787	5.3
2022-04-13	CVE-2022-1280	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. local high complexity linux redhat CWE-416	6.3
2022-04-04	CVE-2022-27651	Incorrect Default Permissions vulnerability in multiple products A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. network high complexity buildah-project fedoraproject redhat CWE-276	6.8
2022-03-25	CVE-2021-3941	In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. local low complexity openexr redhat fedoraproject debian	6.5
2022-03-23	CVE-2022-0996	Improper Authentication vulnerability in multiple products A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. network low complexity redhat fedoraproject CWE-287	6.5
2022-03-16	CVE-2021-20257	An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. local low complexity qemu fedoraproject redhat debian	6.5
2022-03-10	CVE-2021-3660	Cockpit (and its plugins) do not seem to protect itself against clickjacking. network low complexity cockpit-project redhat	4.3