Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-02 | CVE-2022-21724 | Improper Initialization vulnerability in multiple products pgjdbc is the offical PostgreSQL JDBC Driver. | 9.8 |
| 2022-02-02 | CVE-2022-24300 | Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection. | 9.8 |
| 2022-02-02 | CVE-2022-24301 | Incorrect Default Permissions vulnerability in multiple products In Minetest before 5.4.0, players can add or subtract items from a different player's inventory. | 6.5 |
| 2022-02-01 | CVE-2022-0417 | Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-02-01 | CVE-2021-43859 | Resource Exhaustion vulnerability in multiple products XStream is an open source java library to serialize objects to XML and back again. | 7.5 |
| 2022-02-01 | CVE-2022-23607 | Forced Browsing vulnerability in multiple products treq is an HTTP library inspired by requests but written on top of Twisted's Agents. | 6.5 |
| 2022-02-01 | CVE-2021-46669 | Use After Free vulnerability in multiple products MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | 7.5 |
| 2022-01-31 | CVE-2021-45079 | NULL Pointer Dereference vulnerability in multiple products In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. | 9.1 |
| 2022-01-31 | CVE-2022-24130 | Classic Buffer Overflow vulnerability in multiple products xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | 5.5 |
| 2022-01-30 | CVE-2022-0408 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 |