Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-10	CVE-2022-31043	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Guzzle is an open source PHP HTTP client. network low complexity guzzlephp drupal debian CWE-212	7.5
2022-06-09	CVE-2022-26362	Race Condition vulnerability in multiple products x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. local high complexity xen fedoraproject debian CWE-362	6.4
2022-06-09	CVE-2022-26363	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7
2022-06-09	CVE-2022-26364	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7
2022-06-09	CVE-2022-2000	Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject apple debian	7.8
2022-06-09	CVE-2022-31031	PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. network low complexity teluu debian critical	9.8
2022-06-09	CVE-2022-31214	Improper Privilege Management vulnerability in multiple products A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. local low complexity firejail-project fedoraproject debian CWE-269	7.8
2022-06-09	CVE-2022-31030	containerd is an open source container runtime. local low complexity linuxfoundation debian fedoraproject	5.5
2022-06-07	CVE-2019-9971	Improper Privilege Management vulnerability in multiple products PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. network low complexity 3cx debian CWE-269	8.8
2022-06-07	CVE-2019-9972	Command Injection vulnerability in multiple products PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shift><enter>" mishandling. network low complexity 3cx debian CWE-77	8.8