Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2022-0361 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-01-26 | CVE-2022-0359 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-01-25 | CVE-2022-0351 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-01-25 | CVE-2022-23033 | Improper Resource Shutdown or Release vulnerability in multiple products arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. | 7.8 |
| 2022-01-25 | CVE-2021-45342 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | 7.8 |
| 2022-01-25 | CVE-2021-45844 | OS Command Injection vulnerability in multiple products Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. | 7.8 |
| 2022-01-25 | CVE-2021-45845 | OS Command Injection vulnerability in multiple products The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. | 7.8 |
| 2022-01-25 | CVE-2021-45341 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | 8.8 |
| 2022-01-21 | CVE-2022-23837 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. | 7.5 |
| 2022-01-20 | CVE-2021-45417 | Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787 | 7.8 |