Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2021-4149 | Improper Locking vulnerability in multiple products A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. | 5.5 |
| 2022-03-23 | CVE-2021-4156 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. | 7.1 |
| 2022-03-23 | CVE-2021-4197 | Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. | 7.8 |
| 2022-03-23 | CVE-2022-0854 | Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. | 5.5 |
| 2022-03-23 | CVE-2021-44040 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. | 7.5 |
| 2022-03-23 | CVE-2021-44759 | Improper Authentication vulnerability in multiple products Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. | 8.1 |
| 2022-03-23 | CVE-2022-27666 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. | 7.8 |
| 2022-03-22 | CVE-2022-24764 | PJSIP is a free and open source multimedia communication library written in C. | 7.5 |
| 2022-03-18 | CVE-2022-0547 | Improper Authentication vulnerability in multiple products OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. | 9.8 |
| 2022-03-18 | CVE-2022-1011 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). | 7.8 |