Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-28 | CVE-2022-26291 | Use After Free vulnerability in multiple products lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). | 5.5 |
2022-03-25 | CVE-2021-3582 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 6.5 |
2022-03-25 | CVE-2021-3933 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. | 5.5 |
2022-03-25 | CVE-2021-3941 | Divide By Zero vulnerability in multiple products In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. | 6.5 |
2022-03-25 | CVE-2022-0494 | Use of Uninitialized Resource vulnerability in multiple products A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. | 4.4 |
2022-03-24 | CVE-2022-24769 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Moby is an open-source project created by Docker to enable and accelerate software containerization. | 5.9 |
2022-03-23 | CVE-2021-4149 | Improper Locking vulnerability in multiple products A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. | 5.5 |
2022-03-23 | CVE-2022-0854 | Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. | 5.5 |
2022-03-17 | CVE-2022-24302 | Race Condition vulnerability in multiple products In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. | 5.9 |
2022-03-16 | CVE-2021-20257 | Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. | 6.5 |