CVSS: 6.3EPSS: %CPEs: 7EXPL: 0CVE-2021-25635 – libreoffice: Content Manipulation with Certificate Validation Attack
https://notcve.org/view.php?id=CVE-2021-25635
10 May 2022 — A flaw was found in LibreOffice, where it improperly validated signatures for algorithms that were not verified. This flaw leads to LibreOffice presenting a valid signature when the validity of the signature was not verified. The highest threat from this vulnerability is to confidentiality and integrity. libreoffice: Content Manipulation with Certificate Validation Attack • https://access.redhat.com/security/cve/CVE-2021-25635 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: %CPEs: 2EXPL: 0CVE-2022-219862
https://notcve.org/view.php?id=CVE-2022-219862
09 Feb 2022 — A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service. •