Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2021-20298 Out-of-bounds Write vulnerability in multiple products
A flaw was found in OpenEXR's B44Compressor.
network
low complexity
openexr debian CWE-787
7.5
7.5
2022-08-23 CVE-2021-20316 Race Condition vulnerability in multiple products
A flaw was found in the way Samba handled file/directory metadata.
network
high complexity
samba debian redhat CWE-362
6.8
6.8
2022-08-23 CVE-2021-23177 An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link.
local
low complexity
libarchive fedoraproject redhat debian
7.8
7.8
2022-08-23 CVE-2021-31566 An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. 7.8
7.8
2022-08-23 CVE-2021-3759 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores.
local
low complexity
linux debian CWE-770
5.5
5.5
2022-08-23 CVE-2021-3800 A flaw was found in glib before version 2.63.6.
local
low complexity
gnome debian netapp
5.5
5.5
2022-08-22 CVE-2022-2873 Incorrect Calculation of Buffer Size vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. 		5.5
5.5
2022-08-19 CVE-2020-27792 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file.
local
low complexity
artifex debian CWE-119
7.1
7.1
2022-08-18 CVE-2022-26373 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel debian
5.5
5.5
2022-08-18 CVE-2021-32862 Cross-site Scripting vulnerability in multiple products
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert.
network
low complexity
jupyter debian CWE-79
5.4
5.4