Vulnerabilities > Debian > Debian Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-24 | CVE-2021-4037 | Improper Access Control vulnerability in multiple products A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. | 7.8 |
2022-08-24 | CVE-2021-4204 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. | 7.1 |
2022-08-24 | CVE-2021-4213 | Memory Leak vulnerability in multiple products A flaw was found in JSS, where it did not properly free up all memory. | 7.5 |
2022-08-24 | CVE-2022-2978 | Use After Free vulnerability in multiple products A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. | 7.8 |
2022-08-23 | CVE-2020-35511 | Buffer Over-read vulnerability in multiple products A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. | 7.8 |
2022-08-23 | CVE-2022-31676 | Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. | 7.8 |
2022-08-23 | CVE-2022-2946 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0246. | 7.8 |
2022-08-23 | CVE-2021-20298 | Out-of-bounds Write vulnerability in multiple products A flaw was found in OpenEXR's B44Compressor. | 7.5 |
2022-08-23 | CVE-2021-23177 | Link Following vulnerability in multiple products An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. | 7.8 |
2022-08-23 | CVE-2021-31566 | Link Following vulnerability in multiple products An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. | 7.8 |