Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-31778 Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache.
network
low complexity
apache debian
7.5
7.5
2022-08-10 CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-10 CVE-2022-31780 Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-07 CVE-2022-37452 Out-of-bounds Write vulnerability in multiple products
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
network
low complexity
exim debian CWE-787
critical
 9.8
9.8
2022-08-05 CVE-2022-37434 Out-of-bounds Write vulnerability in multiple products
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
network
low complexity
zlib fedoraproject debian netapp apple stormshield CWE-787
critical
 9.8
9.8
2022-08-03 CVE-2022-31197 PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code.
network
low complexity
postgresql debian fedoraproject
8.0
8.0
2022-08-03 CVE-2022-32292 Out-of-bounds Write vulnerability in multiple products
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
network
low complexity
intel debian CWE-787
critical
 9.8
9.8
2022-08-03 CVE-2022-32293 Use After Free vulnerability in multiple products
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
network
high complexity
intel debian CWE-416
8.1
8.1
2022-08-03 CVE-2022-36359 Download of Code Without Integrity Check vulnerability in multiple products
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7.
network
low complexity
djangoproject debian CWE-494
8.8
8.8
2022-08-01 CVE-2022-2598 Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
local
low complexity
vim debian
5.5
5.5