Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2022-03-24	CVE-2022-24769	Moby is an open-source project created by Docker to enable and accelerate software containerization. local low complexity mobyproject fedoraproject linuxfoundation debian	5.9
2022-03-24	CVE-2021-43666	A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. network low complexity arm debian	7.5
2022-03-23	CVE-2021-3618	ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. network high complexity f5 sendmail vsftpd-project fedoraproject debian	7.4
2022-03-23	CVE-2021-3748	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the virtio-net device of QEMU. local high complexity qemu debian canonical fedoraproject redhat CWE-416	7.5
2022-03-23	CVE-2021-4149	Improper Locking vulnerability in multiple products A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. local low complexity linux debian CWE-667	5.5
2022-03-23	CVE-2021-4156	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. network low complexity libsndfile-project debian CWE-125	7.1
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-03-23	CVE-2022-0854	Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. local low complexity linux debian CWE-401	5.5
2022-03-23	CVE-2021-44040	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. network low complexity apache debian CWE-20	7.5