Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-02 | CVE-2022-29970 | Path Traversal vulnerability in multiple products Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. | 7.5 |
| 2022-05-01 | CVE-2022-25647 | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2022-1048 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. | 7.0 |
| 2022-04-29 | CVE-2022-1195 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. | 5.5 |
| 2022-04-29 | CVE-2022-1353 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. | 7.1 |
| 2022-04-28 | CVE-2022-29869 | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
| 2022-04-27 | CVE-2022-27239 | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
| 2022-04-25 | CVE-2022-1441 | Out-of-bounds Read vulnerability in multiple products MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. | 7.8 |