Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-05	CVE-2022-2097	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. network low complexity openssl fedoraproject netapp siemens debian CWE-327	5.3
2022-07-01	CVE-2022-34903	Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. network high complexity gnupg fedoraproject debian netapp CWE-74	6.5
2022-06-30	CVE-2022-2056	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2057	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2058	Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. network low complexity libtiff netapp fedoraproject debian CWE-369	6.5
2022-06-30	CVE-2022-2078	A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. local low complexity linux redhat debian	5.5
2022-06-27	CVE-2022-31081	HTTP::Daemon is a simple http server class written in perl. network low complexity http debian	6.5
2022-06-27	CVE-2022-31085	Insufficiently Protected Credentials vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-522	6.1
2022-06-27	CVE-2022-31088	LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian	5.3
2022-06-24	CVE-2022-32209	Cross-site Scripting vulnerability in multiple products # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. network low complexity rubyonrails fedoraproject debian CWE-79	6.1