Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-42906 | Command Injection vulnerability in multiple products powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. | 7.8 |
| 2022-10-12 | CVE-2021-36369 | Improper Authentication vulnerability in multiple products An issue was discovered in Dropbear through 2020.81. | 7.5 |
| 2022-10-12 | CVE-2022-37601 | Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. | 9.8 |
| 2022-10-11 | CVE-2022-41404 | An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | 7.5 |
| 2022-10-11 | CVE-2022-3140 | Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. | 6.3 |
| 2022-10-11 | CVE-2022-20421 | Use After Free vulnerability in multiple products In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. | 7.8 |
| 2022-10-11 | CVE-2022-20422 | Improper Locking vulnerability in multiple products In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. | 7.0 |
| 2022-10-11 | CVE-2022-33746 | Improper Resource Shutdown or Release vulnerability in multiple products P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. | 6.5 |
| 2022-10-11 | CVE-2022-33747 | Improper Resource Shutdown or Release vulnerability in multiple products Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. | 3.8 |
| 2022-10-11 | CVE-2022-33748 | Improper Handling of Exceptional Conditions vulnerability in multiple products lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. | 5.6 |