Vulnerabilities > Debian > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-23 | CVE-2022-29599 | Improper Encoding or Escaping of Output vulnerability in multiple products In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. | 9.8 |
2022-05-12 | CVE-2022-1650 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2. | 9.3 |
2022-05-04 | CVE-2022-29155 | SQL Injection vulnerability in multiple products In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. | 9.8 |
2022-05-03 | CVE-2022-1292 | OS Command Injection vulnerability in multiple products The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. | 9.8 |
2022-04-19 | CVE-2022-25648 | Argument Injection or Modification vulnerability in multiple products The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. | 9.8 |
2022-04-15 | CVE-2022-26499 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF issue was discovered in Asterisk through 19.x. | 9.1 |
2022-04-15 | CVE-2022-26651 | SQL Injection vulnerability in multiple products An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. | 9.8 |
2022-04-12 | CVE-2022-28346 | SQL Injection vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. | 9.8 |
2022-04-12 | CVE-2022-28347 | SQL Injection vulnerability in multiple products A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. | 9.8 |
2022-04-06 | CVE-2022-24786 | Out-of-bounds Write vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C. | 9.8 |