Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-15	CVE-2022-21166	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-15	CVE-2022-21123	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-15	CVE-2022-21125	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity xen fedoraproject intel vmware debian CWE-459	5.5
2022-06-09	CVE-2022-26362	Race Condition vulnerability in multiple products x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. local high complexity xen fedoraproject debian CWE-362	6.4
2022-06-09	CVE-2022-26363	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7
2022-06-09	CVE-2022-26364	x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. local low complexity xen fedoraproject debian	6.7
2022-06-09	CVE-2022-28614	Integer Overflow or Wraparound vulnerability in multiple products The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. network low complexity apache fedoraproject netapp CWE-190	5.3
2022-06-09	CVE-2022-31030	Resource Exhaustion vulnerability in multiple products containerd is an open source container runtime. local low complexity linuxfoundation debian fedoraproject CWE-400	5.5
2022-06-02	CVE-2022-1789	NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. low complexity linux fedoraproject redhat debian CWE-476	6.8
2022-06-02	CVE-2022-27776	Insufficiently Protected Credentials vulnerability in multiple products A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. network low complexity haxx fedoraproject debian netapp brocade splunk CWE-522	6.5