Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-14	CVE-2022-42722	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. local low complexity linux fedoraproject debian CWE-476	5.5
2022-10-13	CVE-2022-42719	Use After Free vulnerability in multiple products A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. low complexity linux fedoraproject debian CWE-416	8.8
2022-10-13	CVE-2022-42902	In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. network low complexity linaro debian	8.8
2022-10-13	CVE-2022-42906	Command Injection vulnerability in multiple products powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. local low complexity powerline-gitstatus-project debian CWE-77	7.8
2022-10-12	CVE-2021-36369	Improper Authentication vulnerability in multiple products An issue was discovered in Dropbear through 2020.81. network low complexity dropbear-ssh-project debian CWE-287	7.5
2022-10-12	CVE-2022-37601	Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. network low complexity webpack-js debian critical	9.8
2022-10-11	CVE-2022-41404	An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. network low complexity ini4j-project debian	7.5
2022-10-11	CVE-2022-3140	Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. network low complexity libreoffice debian fedoraproject CWE-88	6.3
2022-10-11	CVE-2022-20421	Use After Free vulnerability in multiple products In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. local low complexity google debian CWE-416	7.8
2022-10-11	CVE-2022-20422	Improper Locking vulnerability in multiple products In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. local high complexity google debian CWE-667	7.0