Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-03-06 CVE-2022-26496 Out-of-bounds Write vulnerability in multiple products
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow.
network
low complexity
network-block-device-project debian fedoraproject CWE-787
critical
 9.8
9.8
2022-03-06 CVE-2022-26490 Classic Buffer Overflow vulnerability in multiple products
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
local
low complexity
linux fedoraproject netapp debian CWE-120
7.8
7.8
2022-03-05 CVE-2022-24921 Uncontrolled Recursion vulnerability in multiple products
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.
network
low complexity
golang netapp debian CWE-674
7.5
7.5
2022-03-04 CVE-2021-20300 A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp.
local
low complexity
openexr debian
5.5
5.5
2022-03-04 CVE-2021-20302 A flaw was found in OpenEXR's TiledInputFile functionality.
local
low complexity
openexr debian
5.5
5.5
2022-03-04 CVE-2021-20303 A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp.
local
low complexity
openexr debian
6.1
6.1
2022-03-04 CVE-2021-3744 A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).
local
low complexity
linux fedoraproject debian redhat oracle
5.5
5.5
2022-03-03 CVE-2021-3640 A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page.
local
high complexity
linux debian fedoraproject canonical netapp
7.0
7.0
2022-03-03 CVE-2022-0730 Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
network
low complexity
cacti debian fedoraproject
critical
 9.8
9.8
2022-03-03 CVE-2021-4002 Memory Leak vulnerability in multiple products
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages.
local
low complexity
linux debian fedoraproject oracle CWE-401
4.4
4.4