Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-1789 | NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. | 6.8 |
| 2022-06-02 | CVE-2022-26491 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Pidgin before 2.14.9. | 4.3 |
| 2022-06-02 | CVE-2022-27774 | Insufficiently Protected Credentials vulnerability in multiple products An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | 5.7 |
| 2022-06-02 | CVE-2022-27776 | Insufficiently Protected Credentials vulnerability in multiple products A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. | 6.5 |
| 2022-05-26 | CVE-2022-26691 | Incorrect Comparison vulnerability in multiple products A logic issue was addressed with improved state management. | 6.7 |
| 2022-05-26 | CVE-2022-22577 | Cross-site Scripting vulnerability in multiple products An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses. | 6.1 |
| 2022-05-26 | CVE-2022-27777 | Cross-site Scripting vulnerability in multiple products A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. | 6.1 |
| 2022-05-26 | CVE-2022-30783 | Unchecked Return Value vulnerability in multiple products An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 |
| 2022-05-26 | CVE-2022-30785 | A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 |
| 2022-05-26 | CVE-2022-30787 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | 6.7 |