Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-17 CVE-2022-3545 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as critical.
local
low complexity
linux netapp debian CWE-119
7.8
2022-10-14 CVE-2022-41674 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.19.16.
8.1
2022-10-14 CVE-2022-42720 Use After Free vulnerability in multiple products
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
local
low complexity
linux fedoraproject debian CWE-416
7.8
2022-10-13 CVE-2022-42719 Use After Free vulnerability in multiple products
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
8.8
2022-10-13 CVE-2022-42902 In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py.
network
low complexity
linaro debian
8.8
2022-10-13 CVE-2022-42906 Command Injection vulnerability in multiple products
powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution.
7.8
2022-10-12 CVE-2021-36369 Improper Authentication vulnerability in multiple products
An issue was discovered in Dropbear through 2020.81.
network
low complexity
dropbear-ssh-project debian CWE-287
7.5
2022-10-11 CVE-2022-41404 An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
network
low complexity
ini4j-project debian
7.5
2022-10-11 CVE-2022-20421 Use After Free vulnerability in multiple products
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google debian CWE-416
7.8
2022-10-11 CVE-2022-20422 Improper Locking vulnerability in multiple products
In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition.
local
high complexity
google debian CWE-667
7.0