Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-09 CVE-2022-23482 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function.
network
low complexity
neutrinolabs debian
critical
9.1
2022-12-09 CVE-2022-23481 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function.
network
low complexity
neutrinolabs debian
critical
9.1
2022-12-09 CVE-2022-23480 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function.
network
low complexity
neutrinolabs debian
critical
9.8
2022-12-09 CVE-2022-23479 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function.
network
low complexity
neutrinolabs debian
critical
9.8
2022-12-09 CVE-2022-23478 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function.
network
low complexity
neutrinolabs debian
critical
9.8
2022-12-09 CVE-2022-23477 xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function.
network
low complexity
neutrinolabs debian
critical
9.8
2022-12-09 CVE-2022-23468 Classic Buffer Overflow vulnerability in multiple products
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function.
network
low complexity
neutrinolabs debian CWE-120
critical
9.8
2022-12-06 CVE-2022-24439 Improper Input Validation vulnerability in multiple products
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command.
network
low complexity
gitpython-project fedoraproject debian CWE-20
critical
9.8
2022-12-05 CVE-2022-35255 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc.
network
low complexity
nodejs siemens debian CWE-338
critical
9.1
2022-12-05 CVE-2022-32221 Exposure of Resource to Wrong Sphere vulnerability in multiple products
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback.
network
low complexity
haxx netapp debian apple splunk CWE-668
critical
9.8