Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-27538 Improper Authentication vulnerability in multiple products
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. 		5.5
5.5
2023-03-28 CVE-2022-0194 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-03-28 CVE-2022-23121 Improper Handling of Exceptional Conditions vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-755
critical
 9.8
9.8
2023-03-28 CVE-2022-23122 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-03-28 CVE-2022-23123 Out-of-bounds Read vulnerability in multiple products
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-125
critical
 9.8
9.8
2023-03-28 CVE-2022-23124 Out-of-bounds Read vulnerability in multiple products
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-125
critical
 9.8
9.8
2023-03-28 CVE-2022-23125 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-03-27 CVE-2023-1077 Type Confusion vulnerability in multiple products
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
local
high complexity
linux debian netapp CWE-843
7.0
7.0
2023-03-27 CVE-2023-1380 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
local
low complexity
redhat linux netapp debian canonical CWE-125
7.1
7.1
2023-03-24 CVE-2023-28686 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message.
network
low complexity
dino fedoraproject debian CWE-639
7.1
7.1