Vulnerabilities > Debian > Debian Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2022-23614 | Code Injection vulnerability in multiple products Twig is an open source template language for PHP. | 9.8 |
| 2022-02-02 | CVE-2022-21724 | Improper Initialization vulnerability in multiple products pgjdbc is the offical PostgreSQL JDBC Driver. | 9.8 |
| 2022-02-02 | CVE-2022-24300 | Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection. | 9.8 |
| 2022-01-31 | CVE-2021-45079 | NULL Pointer Dereference vulnerability in multiple products In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. | 9.1 |
| 2022-01-28 | CVE-2022-23097 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the DNS proxy in Connman through 1.40. | 9.1 |
| 2022-01-28 | CVE-2022-23096 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the DNS proxy in Connman through 1.40. | 9.1 |
| 2022-01-27 | CVE-2022-21723 | Out-of-bounds Read vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. | 9.1 |
| 2022-01-27 | CVE-2022-21722 | Out-of-bounds Read vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. | 9.1 |
| 2022-01-26 | CVE-2022-23959 | HTTP Request Smuggling vulnerability in multiple products In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. | 9.1 |
| 2022-01-25 | CVE-2021-3850 | Improper Authentication vulnerability in multiple products Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21. | 9.1 |