Vulnerabilities > Debian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-16 | CVE-2021-43301 | Stack overflow in PJSUA API when calling pjsua_playlist_create. | 9.8 |
| 2022-02-16 | CVE-2021-43302 | Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. | 9.1 |
| 2022-02-16 | CVE-2021-43303 | Buffer overflow in PJSUA API when calling pjsua_call_dump. | 9.8 |
| 2022-02-16 | CVE-2022-25235 | Improper Encoding or Escaping of Output vulnerability in multiple products xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | 9.8 |
| 2022-02-16 | CVE-2022-25236 | Exposure of Resource to Wrong Sphere vulnerability in multiple products xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | 9.8 |
| 2022-02-14 | CVE-2022-0582 | NULL Pointer Dereference vulnerability in multiple products Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | 9.8 |
| 2022-02-11 | CVE-2021-20001 | Incorrect Default Permissions vulnerability in multiple products It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation. | 9.8 |
| 2022-02-11 | CVE-2022-23806 | Unchecked Return Value vulnerability in multiple products Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | 9.1 |
| 2022-02-05 | CVE-2021-38172 | Classic Buffer Overflow vulnerability in Debian Perm 0.4.0 perM 0.4.0 has a Buffer Overflow related to strncpy. | 9.8 |
| 2022-02-04 | CVE-2022-23614 | Code Injection vulnerability in multiple products Twig is an open source template language for PHP. | 9.8 |