Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-45145 Redis is an in-memory database that persists on disk.
local
high complexity
redis fedoraproject debian
3.6
2023-06-13 CVE-2023-20867 Improper Authentication vulnerability in multiple products
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
local
high complexity
vmware debian fedoraproject CWE-287
3.9
2023-06-06 CVE-2023-2602 Memory Leak vulnerability in multiple products
A vulnerability was found in the pthread_create() function in libcap.
3.3
2022-10-21 CVE-2022-3633 A vulnerability classified as problematic has been found in Linux Kernel.
local
low complexity
linux debian
3.3
2022-10-21 CVE-2022-3629 Memory Leak vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
low complexity
linux debian CWE-401
3.3
2022-10-16 CVE-2022-3521 A vulnerability has been found in Linux Kernel and classified as problematic.
local
high complexity
linux debian
2.5
2022-10-11 CVE-2022-33747 Improper Resource Shutdown or Release vulnerability in multiple products
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g.
local
low complexity
xen fedoraproject debian CWE-404
3.8
2022-09-28 CVE-2021-43980 The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
network
high complexity
apache debian
3.7
2022-09-23 CVE-2022-35252 When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses.
network
high complexity
haxx netapp apple debian splunk
3.7
2022-07-07 CVE-2022-2047 Improper Input Validation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname.
network
low complexity
eclipse debian netapp CWE-20
2.7