Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-27	CVE-2022-31081	HTTP::Daemon is a simple http server class written in perl. network low complexity http debian	6.5
2022-06-27	CVE-2022-31085	Insufficiently Protected Credentials vulnerability in multiple products LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian CWE-522	6.1
2022-06-27	CVE-2022-31088	LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. network low complexity ldap-account-manager debian	5.3
2022-06-24	CVE-2022-32209	Cross-site Scripting vulnerability in multiple products # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. network low complexity rubyonrails fedoraproject debian CWE-79	6.1
2022-06-15	CVE-2022-21166	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-15	CVE-2022-21123	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-15	CVE-2022-21125	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-15	CVE-2022-21127	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen intel debian CWE-459	5.5
2022-06-09	CVE-2022-26362	Race Condition vulnerability in multiple products x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. local high complexity xen fedoraproject debian CWE-362	6.4
2022-06-09	CVE-2022-26363	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7