Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-1032	Double Free vulnerability in multiple products The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. local low complexity linux canonical CWE-415	5.5
2023-12-12	CVE-2023-5536	Incorrect Default Permissions vulnerability in Canonical Ubuntu Linux A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. local high complexity canonical CWE-276	6.4
2023-12-08	CVE-2023-45866	Improper Authentication vulnerability in multiple products Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. low complexity google canonical apple fedoraproject debian CWE-287	6.3
2023-09-27	CVE-2023-44216	Information Exposure Through Discrepancy vulnerability in multiple products PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. network high complexity canonical amd intel microsoft nvidia apple google CWE-203	5.3
2023-05-31	CVE-2023-2612	Improper Locking vulnerability in Canonical Ubuntu Linux 20.04/22.04/22.10 Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. local high complexity canonical CWE-667	4.7
2023-04-26	CVE-2023-1786	Information Exposure Through Log Files vulnerability in multiple products Sensitive data could be exposed in logs of cloud-init before version 23.1.2. local low complexity canonical fedoraproject CWE-532	5.5
2023-04-19	CVE-2022-2084	Information Exposure Through Log Files vulnerability in Canonical Cloud-Init and Ubuntu Linux Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. local low complexity canonical CWE-532	5.5
2023-04-07	CVE-2020-11935	It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. local low complexity canonical debian	5.5
2022-08-29	CVE-2022-1184	Use After Free vulnerability in multiple products A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. local low complexity linux redhat debian canonical CWE-416	5.5
2022-08-23	CVE-2021-3975	Use After Free vulnerability in multiple products A use-after-free flaw was found in libvirt. network low complexity redhat canonical fedoraproject debian netapp CWE-416	6.5