Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-24	CVE-2022-0544	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. local low complexity blender debian CWE-191	5.5
2022-02-24	CVE-2022-0545	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. local low complexity blender debian CWE-190	7.8
2022-02-24	CVE-2022-0546	Integer Overflow or Wraparound vulnerability in multiple products A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. local low complexity blender fedoraproject debian CWE-190	7.8
2022-02-24	CVE-2022-21824	Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". network low complexity nodejs oracle debian netapp	8.2
2022-02-24	CVE-2019-25058	Incorrect Authorization vulnerability in multiple products An issue was discovered in USBGuard before 1.1.0. local low complexity usbguard-project fedoraproject debian CWE-863	7.8
2022-02-24	CVE-2022-24407	SQL Injection vulnerability in multiple products In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. network low complexity cyrusimap debian fedoraproject netapp oracle CWE-89	8.8
2022-02-24	CVE-2022-24599	Memory Leak vulnerability in multiple products In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. network low complexity audio-file-library-project debian fedoraproject CWE-401	6.5
2022-02-24	CVE-2022-25636	Improper Privilege Management vulnerability in multiple products net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. local low complexity linux debian netapp oracle CWE-269	7.8
2022-02-23	CVE-2022-0729	Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. network low complexity vim fedoraproject debian apple	8.8
2022-02-22	CVE-2022-0714	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. local low complexity vim fedoraproject debian apple	5.5