Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-01	CVE-2022-34903	Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. network high complexity gnupg fedoraproject debian netapp CWE-74	6.5
2022-06-30	CVE-2022-2056	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2057	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2058	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2078	A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. local low complexity linux redhat debian	5.5
2022-06-27	CVE-2022-31081	HTTP::Daemon is a simple http server class written in perl. network low complexity http debian	6.5
2022-06-27	CVE-2022-31085	Insufficiently Protected Credentials vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-522	6.1
2022-06-27	CVE-2022-31088	LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian	5.3
2022-06-24	CVE-2022-32209	Cross-site Scripting vulnerability in multiple products # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. network low complexity rubyonrails fedoraproject debian CWE-79	6.1
2022-06-15	CVE-2022-21166	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5