Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2022-2078 A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.
local
low complexity
linux redhat debian
5.5
5.5
2022-06-27 CVE-2022-31090 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Guzzle, an extensible PHP HTTP client.
network
low complexity
guzzlephp debian CWE-212
7.7
7.7
2022-06-27 CVE-2022-31091 Guzzle, an extensible PHP HTTP client.
network
low complexity
guzzlephp debian
7.7
7.7
2022-06-27 CVE-2022-31081 HTTP::Daemon is a simple http server class written in perl.
network
low complexity
http debian
6.5
6.5
2022-06-27 CVE-2022-31084 LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g.
network
high complexity
ldap-account-manager debian
8.1
8.1
2022-06-27 CVE-2022-31085 Insufficiently Protected Credentials vulnerability in multiple products
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g.
network
low complexity
ldap-account-manager debian CWE-522
6.1
6.1
2022-06-27 CVE-2022-31086 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g.
network
low complexity
ldap-account-manager debian CWE-434
8.8
8.8
2022-06-27 CVE-2022-31087 Incorrect Authorization vulnerability in multiple products
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g.
local
low complexity
ldap-account-manager debian CWE-863
7.8
7.8
2022-06-27 CVE-2022-31088 LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g.
network
low complexity
ldap-account-manager debian
5.3
5.3
2022-06-24 CVE-2022-32209 Cross-site Scripting vulnerability in multiple products
# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden.
network
low complexity
rubyonrails fedoraproject debian CWE-79
6.1
6.1