Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2020-35630 Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal debian
8.8
8.8
2022-04-18 CVE-2020-35631 Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal debian
8.8
8.8
2022-04-18 CVE-2020-35632 Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal debian
8.8
8.8
2022-04-18 CVE-2021-3624 Integer Overflow or Wraparound vulnerability in multiple products
There is an integer overflow vulnerability in dcraw.
local
low complexity
dcraw-project debian CWE-190
7.8
7.8
2022-04-15 CVE-2022-24851 Cross-site Scripting vulnerability in multiple products
LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory.
network
low complexity
ldap-account-manager debian CWE-79
4.8
4.8
2022-04-15 CVE-2022-28041 Integer Overflow or Wraparound vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc.
network
low complexity
nothings fedoraproject debian CWE-190
6.5
6.5
2022-04-15 CVE-2022-28042 Use After Free vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
network
low complexity
nothings fedoraproject debian CWE-416
8.8
8.8
2022-04-15 CVE-2022-28044 Out-of-bounds Write vulnerability in multiple products
Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialise_control.
network
low complexity
irzip-project debian CWE-787
critical
 9.8
9.8
2022-04-15 CVE-2022-26498 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Asterisk through 19.x.
network
low complexity
digium debian CWE-400
7.5
7.5
2022-04-15 CVE-2022-26499 Server-Side Request Forgery (SSRF) vulnerability in multiple products
An SSRF issue was discovered in Asterisk through 19.x.
network
low complexity
digium debian CWE-918
critical
 9.1
9.1