VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Debian
>
Debian Linux
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-09-05
CVE-2022-3008
Command Injection vulnerability in multiple products
The tinygltf library uses the C library function wordexp() to perform file path expansion on untrusted paths that are provided from the input file.
network
low complexity
tinygltf-project
debian
CWE-77
8.8
8.8
2022-09-03
CVE-2022-3099
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
local
low complexity
vim
fedoraproject
debian
7.8
7.8
2022-09-02
CVE-2020-29260
Resource Exhaustion vulnerability in multiple products
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
network
low complexity
libvncserver-project
debian
CWE-400
7.5
7.5
2022-09-02
CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
low complexity
bluez
canonical
debian
8.8
8.8
2022-09-02
CVE-2022-39177
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
low complexity
bluez
canonical
debian
8.8
8.8
2022-09-01
CVE-2022-2996
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified.
network
high complexity
python-scciclient-project
debian
7.4
7.4
2022-08-31
CVE-2022-1271
Improper Input Validation vulnerability in multiple products
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility.
network
low complexity
gnu
redhat
debian
tukaani
CWE-20
8.8
8.8
2022-08-31
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk
fedoraproject
debian
redhat
8.6
8.6
2022-08-31
CVE-2022-3028
Out-of-bounds Write vulnerability in multiple products
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously.
local
high complexity
linux
fedoraproject
debian
CWE-787
7.0
7.0
2022-08-30
CVE-2022-25857
XML Entity Expansion vulnerability in multiple products
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
network
low complexity
snakeyaml-project
debian
CWE-776
7.5
7.5
«
Previous
1
2
...
39
40
41
(current)
42
43
...
344
345
»
Next