Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3633 Memory Leak vulnerability in multiple products
A vulnerability classified as problematic has been found in Linux Kernel.
local
low complexity
linux debian CWE-401
3.3
2022-10-21 CVE-2022-3629 Memory Leak vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
low complexity
linux debian CWE-401
3.3
2022-10-16 CVE-2022-3521 Race Condition vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as problematic.
local
high complexity
linux debian CWE-362
2.5
2022-10-11 CVE-2022-33747 Resource Exhaustion vulnerability in multiple products
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g.
local
low complexity
xen fedoraproject debian CWE-400
3.8
2022-09-28 CVE-2021-43980 Race Condition vulnerability in multiple products
The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
network
high complexity
apache debian CWE-362
3.7
2022-09-23 CVE-2022-35252 When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses.
network
high complexity
haxx netapp apple debian
3.7
2022-07-07 CVE-2022-2047 Improper Input Validation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname.
network
low complexity
eclipse debian netapp CWE-20
2.7
2022-06-18 CVE-2022-33981 Use After Free vulnerability in multiple products
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
local
low complexity
linux debian CWE-416
3.3
2022-06-15 CVE-2022-21166 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
xen fedoraproject intel vmware debian CWE-459
2.1
2022-06-15 CVE-2022-21123 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
xen fedoraproject intel vmware debian CWE-459
2.1