Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-11 | CVE-2022-33747 | Improper Resource Shutdown or Release vulnerability in multiple products Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. | 3.8 |
2022-10-11 | CVE-2022-33748 | Improper Handling of Exceptional Conditions vulnerability in multiple products lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. | 5.6 |
2022-10-11 | CVE-2022-37616 | A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. | 9.8 |
2022-10-08 | CVE-2022-3435 | A vulnerability classified as problematic has been found in Linux Kernel. | 4.3 |
2022-10-06 | CVE-2022-41853 | Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. | 9.8 |
2022-10-02 | CVE-2022-42003 | Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. | 7.5 |
2022-10-02 | CVE-2022-42004 | Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. | 7.5 |
2022-09-30 | CVE-2022-41849 | Use After Free vulnerability in multiple products drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. | 4.2 |
2022-09-30 | CVE-2022-41850 | Use After Free vulnerability in multiple products roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | 4.7 |
2022-09-29 | CVE-2022-3352 | Use After Free in GitHub repository vim/vim prior to 9.0.0614. | 7.8 |