Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2022-30287 Unsafe Reflection vulnerability in multiple products
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class.
network
low complexity
horde debian CWE-470
8.0
8.0
2022-07-28 CVE-2022-2553 The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node.
network
low complexity
clusterlabs debian fedoraproject
6.5
6.5
2022-07-27 CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
network
low complexity
linux debian netapp
7.5
7.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-07-26 CVE-2022-33745 insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
local
low complexity
xen debian fedoraproject
8.8
8.8
2022-07-25 CVE-2022-26306 Use of Insufficiently Random Values vulnerability in multiple products
LibreOffice supports the storage of passwords for web connections in the user’s configuration database.
network
low complexity
libreoffice debian CWE-330
7.5
7.5
2022-07-25 CVE-2022-26307 LibreOffice supports the storage of passwords for web connections in the user’s configuration database.
network
low complexity
libreoffice debian
8.8
8.8
2022-07-25 CVE-2020-7677 This affects the package thenify before 3.3.1.
network
low complexity
thenify-project debian fedoraproject
critical
 9.8
9.8
2022-07-24 CVE-2021-46829 Integer Overflow or Wraparound vulnerability in multiple products
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame.
local
low complexity
gnome fedoraproject debian CWE-190
7.8
7.8
2022-07-22 CVE-2022-31163 TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules.
network
high complexity
tzinfo-project debian
8.1
8.1