High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-10	CVE-2023-5869	Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. network low complexity postgresql redhat CWE-190	8.8
2023-08-11	CVE-2023-39417	SQL Injection vulnerability in multiple products IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). network low complexity postgresql redhat debian CWE-89	8.8
2023-06-09	CVE-2023-2454	schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. network low complexity postgresql redhat fedoraproject	7.2
2023-03-06	CVE-2022-4904	Improper Validation of Specified Quantity in Input vulnerability in multiple products A flaw was found in the c-ares package. network low complexity c-ares-project redhat fedoraproject CWE-1284	8.6
2022-09-09	CVE-2020-10735	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in python. network low complexity python redhat fedoraproject CWE-704	7.5
2022-03-04	CVE-2021-3656	Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. local low complexity linux fedoraproject redhat CWE-862	8.8
2022-03-04	CVE-2021-23214	SQL Injection vulnerability in multiple products When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. network high complexity postgresql fedoraproject redhat CWE-89	8.1
2022-03-02	CVE-2022-0711	Infinite Loop vulnerability in multiple products A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. network low complexity haproxy redhat debian CWE-835	7.5
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5