Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-14	CVE-2022-0581	Use After Free vulnerability in multiple products Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-416	7.5
2022-02-14	CVE-2022-0582	NULL Pointer Dereference vulnerability in multiple products Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-476 critical	9.8
2022-02-14	CVE-2022-0583	Out-of-bounds Write vulnerability in multiple products Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-787	7.5
2022-02-14	CVE-2022-0586	Infinite Loop vulnerability in multiple products Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-835	7.5
2022-02-14	CVE-2021-45444	In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. local low complexity zsh fedoraproject debian apple	7.8
2022-02-14	CVE-2022-0572	Out-of-bounds Write vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject debian apple CWE-787	7.8
2022-02-11	CVE-2022-23634	Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. network high complexity puma rubyonrails debian fedoraproject CWE-404	5.9
2022-02-11	CVE-2022-23633	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Action Pack is a framework for handling and responding to web requests. network high complexity rubyonrails debian CWE-212	5.9
2022-02-11	CVE-2021-20001	Incorrect Default Permissions vulnerability in multiple products It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation. network low complexity skolelinux debian CWE-276 critical	9.8
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5