Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-06 CVE-2022-1966 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c.
local
low complexity
linux redhat fedoraproject debian CWE-416
7.2
2022-06-02 CVE-2022-31799 Improper Handling of Exceptional Conditions vulnerability in multiple products
Bottle before 0.12.20 mishandles errors during early request binding.
network
low complexity
bottlepy debian CWE-755
7.5
2022-05-26 CVE-2022-26691 Improper Privilege Management vulnerability in multiple products
A logic issue was addressed with improved state management.
7.2
2022-05-26 CVE-2022-1664 Path Traversal vulnerability in Debian Linux and Dpkg
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability.
network
low complexity
debian CWE-22
7.5
2022-05-04 CVE-2022-20770 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.8
2022-05-04 CVE-2022-20771 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.8
2022-05-04 CVE-2022-20785 Memory Leak vulnerability in multiple products
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian CWE-401
7.8
2022-05-02 CVE-2021-46790 Out-of-bounds Write vulnerability in multiple products
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2.
network
low complexity
tuxera debian CWE-787
7.5
2022-04-27 CVE-2022-27239 Out-of-bounds Write vulnerability in multiple products
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
local
low complexity
samba debian suse hp CWE-787
7.2
2022-04-12 CVE-2022-28346 SQL Injection vulnerability in multiple products
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4.
network
low complexity
djangoproject debian CWE-89
7.5