Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-05-31 CVE-2022-31002 Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian
7.5
7.5
2022-05-31 CVE-2022-1942 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject apple debian
7.8
7.8
2022-05-27 CVE-2022-1897 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject apple debian
7.8
7.8
2022-05-27 CVE-2022-1898 Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple
7.8
7.8
2022-05-26 CVE-2022-26691 Incorrect Comparison vulnerability in multiple products
A logic issue was addressed with improved state management. 		6.7
6.7
2022-05-26 CVE-2022-21831 Code Injection vulnerability in multiple products
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.
network
low complexity
rubyonrails debian CWE-94
critical
 9.8
9.8
2022-05-26 CVE-2022-22576 Missing Authentication for Critical Function vulnerability in multiple products
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
network
low complexity
haxx debian netapp brocade splunk CWE-306
8.1
8.1
2022-05-26 CVE-2022-22577 Cross-site Scripting vulnerability in multiple products
An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-05-26 CVE-2022-27777 Cross-site Scripting vulnerability in multiple products
A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-05-26 CVE-2022-30783 Unchecked Return Value vulnerability in multiple products
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
local
low complexity
tuxera fedoraproject debian CWE-252
6.7
6.7