Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-31	CVE-2022-3028	Out-of-bounds Write vulnerability in multiple products A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. local high complexity linux fedoraproject debian CWE-787	7.0
2022-08-30	CVE-2021-46837	NULL Pointer Dereference vulnerability in multiple products res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. network low complexity asterisk digium debian CWE-476	6.5
2022-08-30	CVE-2022-25857	XML Entity Expansion vulnerability in multiple products The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. network low complexity snakeyaml-project debian CWE-776	7.5
2022-08-30	CVE-2022-39028	NULL Pointer Dereference vulnerability in multiple products telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. network low complexity gnu mit debian netkit-telnet-project CWE-476	7.5
2022-08-30	CVE-2022-38784	Integer Overflow or Wraparound vulnerability in multiple products Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). local low complexity freedesktop debian fedoraproject CWE-190	7.8
2022-08-29	CVE-2022-0367	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. local low complexity libmodbus fedoraproject debian CWE-787	7.8
2022-08-29	CVE-2022-0718	Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. network low complexity openstack redhat debian CWE-532	4.9
2022-08-29	CVE-2022-1184	A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. local low complexity linux redhat debian canonical	5.5
2022-08-29	CVE-2022-1204	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. local low complexity linux fedoraproject debian CWE-416	5.5
2022-08-29	CVE-2022-2953	Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. local low complexity libtiff netapp debian CWE-125	5.5