Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-23	CVE-2021-3975	Use After Free vulnerability in multiple products A use-after-free flaw was found in libvirt. network low complexity redhat canonical fedoraproject debian CWE-416	6.5
2022-03-03	CVE-2021-3640	Use After Free vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local linux debian fedoraproject canonical netapp CWE-416	6.9
2022-02-18	CVE-2016-2124	Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. network samba debian fedoraproject redhat canonical CWE-287	4.3
2022-02-18	CVE-2020-25722	Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. network low complexity samba debian fedoraproject canonical CWE-863	6.5
2022-02-17	CVE-2021-44730	Link Following vulnerability in multiple products snapd 2.54.2 did not properly validate the location of the snap-confine binary. local canonical fedoraproject debian CWE-59	6.9
2022-02-17	CVE-2021-4120	Improper Input Validation vulnerability in multiple products snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. local low complexity canonical fedoraproject CWE-20	4.6
2022-01-31	CVE-2021-45079	NULL Pointer Dereference vulnerability in multiple products In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. network strongswan debian fedoraproject canonical CWE-476	5.8
2022-01-14	CVE-2022-20698	Improper Input Validation vulnerability in multiple products A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav debian canonical CWE-20	5.0
2021-04-26	CVE-2020-15078	Missing Authentication for Critical Function vulnerability in multiple products OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. network low complexity openvpn fedoraproject canonical debian CWE-306	5.0
2021-04-07	CVE-2013-1054	Improper Resource Shutdown or Release vulnerability in Canonical Ubuntu Linux and Unity-Firefox-Extension The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. network canonical CWE-404	4.3