Vulnerabilities > Debian > Debian Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-28 | CVE-2022-23122 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23121 | Improper Handling of Exceptional Conditions vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-0194 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-02-28 | CVE-2023-27372 | SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. | 9.8 |
| 2023-02-20 | CVE-2022-48337 | OS Command Injection vulnerability in multiple products GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. | 9.8 |
| 2023-02-14 | CVE-2023-25725 | HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. | 9.1 |
| 2023-01-10 | CVE-2022-4338 | Out-of-bounds Read vulnerability in multiple products An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2023-01-10 | CVE-2022-4337 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2022-12-22 | CVE-2022-41838 | Heap-based Buffer Overflow vulnerability in multiple products A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. | 9.8 |
| 2022-12-22 | CVE-2022-41837 | Return of Stack Variable Address vulnerability in multiple products An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. | 9.8 |