Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-08-05 CVE-2022-37434 Out-of-bounds Write vulnerability in multiple products
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
network
low complexity
zlib fedoraproject debian netapp apple stormshield CWE-787
critical
 9.8
9.8
2022-08-03 CVE-2022-31197 PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code.
network
low complexity
postgresql debian fedoraproject
8.0
8.0
2022-08-03 CVE-2022-32292 Out-of-bounds Write vulnerability in multiple products
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
network
low complexity
intel debian CWE-787
critical
 9.8
9.8
2022-08-03 CVE-2022-32293 Use After Free vulnerability in multiple products
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
network
high complexity
intel debian CWE-416
8.1
8.1
2022-08-03 CVE-2022-36359 Download of Code Without Integrity Check vulnerability in multiple products
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7.
network
low complexity
djangoproject debian CWE-494
8.8
8.8
2022-08-01 CVE-2022-2598 Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
local
low complexity
vim debian
5.5
5.5
2022-08-01 CVE-2022-2509 Double Free vulnerability in multiple products
A vulnerability found in gnutls.
network
low complexity
gnu redhat fedoraproject debian CWE-415
7.5
7.5
2022-07-29 CVE-2022-34526 Out-of-bounds Write vulnerability in multiple products
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0.
network
low complexity
libtiff fedoraproject netapp debian CWE-787
6.5
6.5
2022-07-28 CVE-2022-30287 Unsafe Reflection vulnerability in multiple products
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class.
network
low complexity
horde debian CWE-470
8.0
8.0
2022-07-28 CVE-2022-2553 The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node.
network
low complexity
clusterlabs debian fedoraproject
6.5
6.5