Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-09	CVE-2022-26364	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7
2022-06-09	CVE-2022-31030	containerd is an open source container runtime. local low complexity linuxfoundation debian fedoraproject	5.5
2022-06-02	CVE-2022-1462	An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. local high complexity linux redhat debian	6.3
2022-06-02	CVE-2022-1789	NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. low complexity linux fedoraproject redhat debian CWE-476	6.8
2022-06-02	CVE-2022-26491	Improper Certificate Validation vulnerability in multiple products An issue was discovered in Pidgin before 2.14.9. network high complexity pidgin debian CWE-295	5.9
2022-06-02	CVE-2022-27774	Insufficiently Protected Credentials vulnerability in multiple products An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. network low complexity haxx debian netapp brocade splunk CWE-522	5.7
2022-06-02	CVE-2022-27776	Insufficiently Protected Credentials vulnerability in multiple products A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. network low complexity haxx fedoraproject debian netapp brocade splunk CWE-522	6.5
2022-05-26	CVE-2022-26691	Incorrect Comparison vulnerability in multiple products A logic issue was addressed with improved state management. local low complexity apple debian fedoraproject openprinting CWE-697	6.7
2022-05-26	CVE-2022-22577	Cross-site Scripting vulnerability in multiple products An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses. network low complexity rubyonrails debian CWE-79	6.1
2022-05-26	CVE-2022-27777	Cross-site Scripting vulnerability in multiple products A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. network low complexity rubyonrails debian CWE-79	6.1