Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-03-14 CVE-2022-22719 Improper Initialization vulnerability in multiple products
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash.
network
low complexity
apache debian fedoraproject oracle apple CWE-665
7.5
7.5
2022-03-14 CVE-2022-22720 HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
network
low complexity
apache fedoraproject debian oracle apple CWE-444
critical
 9.8
9.8
2022-03-14 CVE-2022-22721 Integer Overflow or Wraparound vulnerability in multiple products
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes.
network
low complexity
apache fedoraproject debian oracle apple CWE-190
critical
 9.1
9.1
2022-03-14 CVE-2022-23943 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.
network
low complexity
apache fedoraproject debian oracle CWE-787
critical
 9.8
9.8
2022-03-13 CVE-2021-36368 Improper Authentication vulnerability in multiple products
An issue was discovered in OpenSSH before 8.9.
network
high complexity
openbsd debian CWE-287
3.7
3.7
2022-03-13 CVE-2022-23960 Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB.
local
high complexity
xen arm debian
5.6
5.6
2022-03-12 CVE-2022-26966 An issue was discovered in the Linux kernel before 5.16.12.
local
low complexity
linux netapp debian
5.5
5.5
2022-03-11 CVE-2022-24754 PJSIP is a free and open source multimedia communication library written in C language.
network
low complexity
teluu debian
critical
 9.8
9.8
2022-03-11 CVE-2022-0907 Unchecked Return Value vulnerability in multiple products
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff debian fedoraproject netapp CWE-252
5.5
5.5
2022-03-11 CVE-2022-0908 NULL Pointer Dereference vulnerability in multiple products
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
local
low complexity
libtiff debian fedoraproject netapp CWE-476
5.5
5.5