Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-02-21 CVE-2021-4115 There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. 5.5
2022-02-21 CVE-2022-0696 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
local
low complexity
vim fedoraproject apple debian CWE-476
5.5
2022-02-21 CVE-2021-44142 Out-of-bounds Write vulnerability in multiple products
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes.
8.8
2022-02-20 CVE-2022-25375 Improper Validation of Specified Quantity in Input vulnerability in multiple products
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10.
local
low complexity
linux debian CWE-1284
5.5
2022-02-20 CVE-2022-0685 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
local
low complexity
vim fedoraproject debian apple
7.8
2022-02-19 CVE-2016-1239 Unspecified vulnerability in Debian Duck
duck before 0.10 did not properly handle loading of untrusted code from the current directory.
network
low complexity
debian
critical
9.8
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
2022-02-18 CVE-2020-25717 Improper Input Validation vulnerability in multiple products
A flaw was found in the way Samba maps domain users to local users.
network
low complexity
samba debian fedoraproject redhat canonical CWE-20
8.1
2022-02-18 CVE-2020-25719 Race Condition vulnerability in multiple products
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication.
7.2
2022-02-18 CVE-2020-25722 Incorrect Authorization vulnerability in multiple products
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data.
network
low complexity
samba debian fedoraproject canonical CWE-863
8.8