7.2.2

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-25	CVE-2022-33757	Unspecified vulnerability in Tenable Nessus An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. network low complexity tenable	6.5
2022-06-21	CVE-2022-32973	Unspecified vulnerability in Tenable Nessus An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. network low complexity tenable	8.8
2022-06-21	CVE-2022-32974	Unspecified vulnerability in Tenable Nessus An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. network low complexity tenable	6.5
2022-03-15	CVE-2022-0778	Infinite Loop vulnerability in multiple products The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. network low complexity openssl debian netapp fedoraproject tenable mariadb nodejs CWE-835	7.5
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5
2022-01-24	CVE-2022-23852	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. network low complexity libexpat-project netapp tenable debian oracle siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22822	Integer Overflow or Wraparound vulnerability in multiple products addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable siemens debian CWE-190 critical	9.8
2022-01-10	CVE-2022-22823	Integer Overflow or Wraparound vulnerability in multiple products build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22824	Integer Overflow or Wraparound vulnerability in multiple products defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22825	Integer Overflow or Wraparound vulnerability in multiple products lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190	8.8