Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-07-27 CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
network
low complexity
linux debian netapp
7.5
7.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-07-26 CVE-2022-33745 insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
local
low complexity
xen debian fedoraproject
8.8
8.8
2022-07-25 CVE-2022-26306 Use of Insufficiently Random Values vulnerability in multiple products
LibreOffice supports the storage of passwords for web connections in the user’s configuration database.
network
low complexity
libreoffice debian CWE-330
7.5
7.5
2022-07-25 CVE-2022-26307 LibreOffice supports the storage of passwords for web connections in the user’s configuration database.
network
low complexity
libreoffice debian
8.8
8.8
2022-07-25 CVE-2020-7677 This affects the package thenify before 3.3.1.
network
low complexity
thenify-project debian fedoraproject
critical
 9.8
9.8
2022-07-24 CVE-2021-46829 Integer Overflow or Wraparound vulnerability in multiple products
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame.
local
low complexity
gnome fedoraproject debian CWE-190
7.8
7.8
2022-07-22 CVE-2022-31163 TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules.
network
high complexity
tzinfo-project debian
8.1
8.1
2022-07-20 CVE-2022-31160 jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery.
network
low complexity
jqueryui netapp drupal fedoraproject debian
6.1
6.1
2022-07-20 CVE-2021-46828 Infinite Loop vulnerability in multiple products
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled.
network
low complexity
libtirpc-project debian CWE-835
7.5
7.5