Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-11 CVE-2022-24754 PJSIP is a free and open source multimedia communication library written in C language.
network
low complexity
teluu debian
critical
 9.8
9.8
2022-03-10 CVE-2022-26520 In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties.
network
low complexity
postgresql debian
critical
 9.8
9.8
2022-03-10 CVE-2021-33293 Out-of-bounds Read vulnerability in multiple products
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.
network
low complexity
libpano13-project debian CWE-125
critical
 9.1
9.1
2022-03-06 CVE-2022-26495 Integer Overflow or Wraparound vulnerability in multiple products
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow.
network
low complexity
network-block-device-project debian fedoraproject CWE-190
critical
 9.8
9.8
2022-03-06 CVE-2022-26496 Out-of-bounds Write vulnerability in multiple products
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow.
network
low complexity
network-block-device-project debian fedoraproject CWE-787
critical
 9.8
9.8
2022-03-03 CVE-2022-0730 Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
network
low complexity
cacti debian fedoraproject
critical
 9.8
9.8
2022-03-01 CVE-2022-24720 image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick.
network
low complexity
image-processing-project debian
critical
 9.8
9.8
2022-02-22 CVE-2022-23608 PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu asterisk sangoma debian
critical
 9.8
9.8
2022-02-19 CVE-2016-1239 Unspecified vulnerability in Debian Duck
duck before 0.10 did not properly handle loading of untrusted code from the current directory.
network
low complexity
debian
critical
 9.8
9.8
2022-02-18 CVE-2021-3657 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in mbsync versions prior to 1.4.4.
network
low complexity
isync-project fedoraproject redhat debian CWE-119
critical
 9.8
9.8