Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-19 | CVE-2022-2469 | Out-of-bounds Read vulnerability in multiple products GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client | 8.1 |
| 2022-07-18 | CVE-2021-33655 | Out-of-bounds Write vulnerability in multiple products When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | 6.7 |
| 2022-07-18 | CVE-2021-33656 | Out-of-bounds Write vulnerability in multiple products When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | 6.8 |
| 2022-07-18 | CVE-2020-16093 | Improper Certificate Validation vulnerability in multiple products In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 7.5 |
| 2022-07-18 | CVE-2021-40874 | Improper Authentication vulnerability in multiple products An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. | 9.8 |
| 2022-07-17 | CVE-2021-46784 | Reachable Assertion vulnerability in multiple products In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | 6.5 |
| 2022-07-17 | CVE-2022-30550 | Improper Authentication vulnerability in multiple products An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. | 8.8 |
| 2022-07-15 | CVE-2022-35409 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. | 9.1 |
| 2022-07-14 | CVE-2022-23825 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | 6.5 |
| 2022-07-14 | CVE-2022-32212 | OS Command Injection vulnerability in multiple products A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. | 8.1 |