Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-04-29 CVE-2021-4207 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-120
8.2
2022-04-29 CVE-2022-1048 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params.
local
high complexity
linux redhat debian netapp CWE-416
7.0
2022-04-29 CVE-2022-1195 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio.
local
low complexity
linux debian CWE-416
5.5
2022-04-29 CVE-2022-1353 A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel.
local
low complexity
linux debian redhat netapp
7.1
2022-04-28 CVE-2022-29869 Information Exposure Through Log Files vulnerability in multiple products
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
network
low complexity
samba fedoraproject debian CWE-532
5.3
2022-04-27 CVE-2022-27239 Out-of-bounds Write vulnerability in multiple products
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
local
low complexity
samba debian suse hp fedoraproject CWE-787
7.8
2022-04-25 CVE-2022-1441 Out-of-bounds Read vulnerability in multiple products
MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion.
local
low complexity
gpac debian CWE-125
7.8
2022-04-25 CVE-2022-24792 PJSIP is a free and open source multimedia communication library written in C.
network
low complexity
teluu debian
7.5
2022-04-25 CVE-2019-25059 Artifex Ghostscript through 9.26 mishandles .completefont.
local
low complexity
artifex debian
7.8
2022-04-22 CVE-2022-29582 Race Condition vulnerability in multiple products
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts.
local
high complexity
linux debian CWE-362
7.0