Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-28	CVE-2022-29869	Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. network low complexity samba fedoraproject debian CWE-532	5.3
2022-04-19	CVE-2022-21496	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). network low complexity oracle netapp debian azul	5.3
2022-04-18	CVE-2022-24859	PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. local low complexity pypdf2-project debian	5.5
2022-04-15	CVE-2022-24851	Cross-site Scripting vulnerability in multiple products LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. network low complexity ldap-account-manager debian CWE-79	4.8
2022-04-15	CVE-2022-28041	Integer Overflow or Wraparound vulnerability in multiple products stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. network low complexity nothings fedoraproject debian CWE-190	6.5
2022-04-14	CVE-2022-1328	Classic Buffer Overflow vulnerability in multiple products Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line network low complexity mutt debian fedoraproject CWE-120	5.3
2022-04-12	CVE-2021-28544	Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. network low complexity apache debian fedoraproject apple	4.3
2022-04-05	CVE-2022-26356	Improper Locking vulnerability in multiple products Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. local high complexity xen debian fedoraproject CWE-667	5.6
2022-04-03	CVE-2022-28388	Double Free vulnerability in multiple products usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux debian fedoraproject netapp CWE-415	5.5
2022-04-03	CVE-2022-28389	Double Free vulnerability in multiple products mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	5.5