Vulnerabilities > Debian > Debian Linux > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-14 | CVE-2022-22721 | Integer Overflow or Wraparound vulnerability in multiple products If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. | 9.1 |
2022-03-14 | CVE-2022-22720 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling | 9.8 |
2022-03-11 | CVE-2022-24754 | Classic Buffer Overflow vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C language. | 9.8 |
2022-03-10 | CVE-2022-26520 | In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. | 9.8 |
2022-03-06 | CVE-2022-26496 | Out-of-bounds Write vulnerability in multiple products In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. | 9.8 |
2022-03-06 | CVE-2022-26495 | Integer Overflow or Wraparound vulnerability in multiple products In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. | 9.8 |
2022-03-03 | CVE-2022-0730 | Improper Authentication vulnerability in multiple products Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. | 9.8 |
2022-03-01 | CVE-2022-24720 | image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. | 9.8 |
2022-02-22 | CVE-2022-23608 | Use After Free vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. | 9.8 |
2022-02-18 | CVE-2021-3657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in mbsync versions prior to 1.4.4. | 9.8 |