Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-24	CVE-2021-3608	Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. local low complexity qemu debian fedoraproject CWE-824	6.0
2022-02-24	CVE-2021-3700	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. local high complexity spice-space redhat fedoraproject debian CWE-416	6.4
2022-02-24	CVE-2021-44532	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2021-44533	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2022-0544	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. local low complexity blender debian CWE-191	5.5
2022-02-24	CVE-2022-0545	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. local low complexity blender debian CWE-190	7.8
2022-02-24	CVE-2022-0546	Integer Overflow or Wraparound vulnerability in multiple products A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. local low complexity blender fedoraproject debian CWE-190	7.8
2022-02-24	CVE-2022-21824	Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". network low complexity nodejs oracle debian netapp	8.2
2022-02-24	CVE-2019-25058	Incorrect Authorization vulnerability in multiple products An issue was discovered in USBGuard before 1.1.0. local low complexity usbguard-project fedoraproject debian CWE-863	7.8
2022-02-24	CVE-2022-24407	SQL Injection vulnerability in multiple products In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. network low complexity cyrusimap debian fedoraproject netapp oracle CWE-89	8.8