Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-26 | CVE-2022-24999 | qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. | 7.5 |
2022-11-23 | CVE-2022-44789 | Out-of-bounds Write vulnerability in multiple products A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. | 8.8 |
2022-11-15 | CVE-2022-41916 | Off-by-one Error vulnerability in multiple products Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. | 7.5 |
2022-11-13 | CVE-2022-3970 | Numeric Errors vulnerability in multiple products A vulnerability was found in LibTIFF. | 8.8 |
2022-11-12 | CVE-2022-45188 | Out-of-bounds Write vulnerability in multiple products Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. | 7.8 |
2022-11-09 | CVE-2022-45060 | An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. | 7.5 |
2022-11-09 | CVE-2022-3885 | Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2022-11-09 | CVE-2022-3886 | Use After Free vulnerability in multiple products Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2022-11-09 | CVE-2022-3887 | Use After Free vulnerability in multiple products Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2022-11-09 | CVE-2022-3888 | Use After Free vulnerability in multiple products Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |