Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2022-3352	Use After Free in GitHub repository vim/vim prior to 9.0.0614. local low complexity vim fedoraproject debian	7.8
2022-09-29	CVE-2016-2338	Out-of-bounds Write vulnerability in multiple products An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. network low complexity ruby-lang debian CWE-787 critical	9.8
2022-09-28	CVE-2022-31628	Infinite Loop vulnerability in multiple products In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop. local low complexity php fedoraproject debian CWE-835	5.5
2022-09-28	CVE-2022-31629	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications. network low complexity php fedoraproject debian	6.5
2022-09-28	CVE-2022-1270	In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. local low complexity graphicsmagick debian	7.8
2022-09-28	CVE-2021-43980	The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. network high complexity apache debian	3.7
2022-09-28	CVE-2022-39261	Path Traversal vulnerability in multiple products Twig is a template language for PHP. network low complexity symfony drupal fedoraproject debian CWE-22	7.5
2022-09-27	CVE-2022-3303	A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. local high complexity linux debian	4.7
2022-09-27	CVE-2022-3324	Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. local low complexity vim fedoraproject debian	7.8
2022-09-26	CVE-2022-3201	Improper Input Validation vulnerability in multiple products Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. network low complexity google fedoraproject debian CWE-20	5.4