Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-19 | CVE-2020-27792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. | 7.1 |
| 2022-08-15 | CVE-2020-21365 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. | 7.5 |
| 2022-08-10 | CVE-2021-37150 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. | 7.5 |
| 2022-08-10 | CVE-2022-25763 | HTTP Request Smuggling vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. | 7.5 |
| 2022-08-10 | CVE-2022-28129 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. | 7.5 |
| 2022-08-10 | CVE-2022-31778 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. | 7.5 |
| 2022-08-10 | CVE-2022-31779 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2022-08-10 | CVE-2022-31780 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2022-08-03 | CVE-2022-31197 | SQL Injection vulnerability in multiple products PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. | 8.0 |
| 2022-08-03 | CVE-2022-32293 | Use After Free vulnerability in multiple products In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. | 8.1 |