Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-29 CVE-2022-41974 Improper Privilege Management vulnerability in multiple products
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973.
local
low complexity
opensvc fedoraproject debian CWE-269
7.8
2022-10-29 CVE-2022-41973 Link Following vulnerability in multiple products
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974.
local
low complexity
opensvc fedoraproject debian CWE-59
7.8
2022-10-26 CVE-2022-39286 Uncontrolled Search Path Element vulnerability in multiple products
Jupyter Core is a package for the core common functionality of Jupyter projects.
network
low complexity
jupyter debian fedoraproject CWE-427
8.8
2022-10-26 CVE-2022-3705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in vim and classified as problematic.
network
high complexity
vim fedoraproject debian netapp CWE-119
7.5
2022-10-25 CVE-2022-41704 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG.
network
low complexity
apache debian CWE-918
7.5
2022-10-25 CVE-2022-42890 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript.
network
low complexity
apache debian CWE-918
7.5
2022-10-24 CVE-2022-43680 Use After Free vulnerability in multiple products
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
7.5
2022-10-21 CVE-2022-3649 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
high complexity
linux debian netapp CWE-119
7.0
2022-10-21 CVE-2022-3640 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability, which was classified as critical, was found in Linux Kernel.
8.8
2022-10-21 CVE-2022-3635 Race Condition vulnerability in multiple products
A vulnerability, which was classified as critical, has been found in Linux Kernel.
local
high complexity
linux debian CWE-362
7.0