Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-23519 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-12-14 CVE-2022-23515 Cross-site Scripting vulnerability in multiple products
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
loofah-project debian CWE-79
6.1
6.1
2022-12-13 CVE-2022-45685 Out-of-bounds Write vulnerability in multiple products
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
network
low complexity
jettison-project debian CWE-787
7.5
7.5
2022-12-13 CVE-2022-45693 Out-of-bounds Write vulnerability in multiple products
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter.
network
low complexity
jettison-project debian CWE-787
7.5
7.5
2022-12-13 CVE-2022-41915 Interpretation Conflict vulnerability in multiple products
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty debian CWE-436
6.5
6.5
2022-12-12 CVE-2022-41881 Uncontrolled Recursion vulnerability in multiple products
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty debian CWE-674
7.5
7.5
2022-12-09 CVE-2022-23468 Classic Buffer Overflow vulnerability in multiple products
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function.
network
low complexity
neutrinolabs debian CWE-120
critical
 9.8
9.8
2022-12-09 CVE-2022-23477 Classic Buffer Overflow vulnerability in multiple products
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function.
network
low complexity
neutrinolabs debian CWE-120
critical
 9.8
9.8
2022-12-09 CVE-2022-23478 Out-of-bounds Write vulnerability in multiple products
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function.
network
low complexity
neutrinolabs debian CWE-787
critical
 9.8
9.8
2022-12-09 CVE-2022-23479 Classic Buffer Overflow vulnerability in multiple products
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function.
network
low complexity
neutrinolabs debian CWE-120
critical
 9.8
9.8