Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-10 | CVE-2022-22822 | Integer Overflow or Wraparound vulnerability in multiple products addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 |
2022-01-10 | CVE-2022-22823 | Integer Overflow or Wraparound vulnerability in multiple products build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 |
2022-01-10 | CVE-2022-22824 | Integer Overflow or Wraparound vulnerability in multiple products defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 9.8 |
2022-01-10 | CVE-2022-22825 | Integer Overflow or Wraparound vulnerability in multiple products lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 |
2022-01-10 | CVE-2022-22826 | Integer Overflow or Wraparound vulnerability in multiple products nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 |
2022-01-10 | CVE-2022-22827 | Integer Overflow or Wraparound vulnerability in multiple products storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | 8.8 |
2022-01-10 | CVE-2022-22844 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | 5.5 |
2022-01-10 | CVE-2020-29050 | Path Traversal vulnerability in multiple products SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). | 7.5 |
2022-01-10 | CVE-2021-42392 | Deserialization of Untrusted Data vulnerability in multiple products The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. | 9.8 |
2022-01-10 | CVE-2021-43579 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file. | 7.8 |