Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-24	CVE-2021-3700	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. local spice-space redhat fedoraproject debian CWE-416	4.4
2022-02-21	CVE-2021-4115	There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. local low complexity polkit-project redhat fedoraproject canonical debian oracle	5.5
2022-02-18	CVE-2022-23645	Out-of-bounds Read vulnerability in multiple products swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. local low complexity swtpm-project redhat fedoraproject CWE-125	5.5
2022-02-18	CVE-2016-2124	Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. network high complexity samba debian fedoraproject redhat canonical CWE-287	5.9
2022-02-18	CVE-2021-20320	A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. local low complexity linux fedoraproject redhat	5.5
2022-02-18	CVE-2021-20321	Race Condition vulnerability in multiple products A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. local high complexity linux redhat debian CWE-362	4.7
2022-02-18	CVE-2021-3930	Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. local low complexity qemu redhat debian CWE-193	6.5
2022-02-16	CVE-2021-3753	Out-of-bounds Read vulnerability in multiple products A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). local high complexity linux redhat netapp CWE-125	4.7
2022-02-16	CVE-2021-3551	Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. local dogtagpki fedoraproject oracle redhat CWE-312	4.4
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5