Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-12 CVE-2021-36369 Improper Authentication vulnerability in multiple products
An issue was discovered in Dropbear through 2020.81.
network
low complexity
dropbear-ssh-project debian CWE-287
7.5
7.5
2022-10-11 CVE-2022-41404 An issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
network
low complexity
ini4j-project debian
7.5
7.5
2022-10-11 CVE-2022-20421 Use After Free vulnerability in multiple products
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google debian CWE-416
7.8
7.8
2022-10-11 CVE-2022-20422 Improper Locking vulnerability in multiple products
In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition.
local
high complexity
google debian CWE-667
7.0
7.0
2022-10-02 CVE-2022-42003 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
7.5
2022-10-02 CVE-2022-42004 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
7.5
2022-09-29 CVE-2022-3352 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
local
low complexity
vim fedoraproject debian CWE-416
7.8
7.8
2022-09-28 CVE-2022-1270 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
local
low complexity
graphicsmagick debian CWE-119
7.8
7.8
2022-09-28 CVE-2022-39261 Path Traversal vulnerability in multiple products
Twig is a template language for PHP.
network
low complexity
symfony drupal fedoraproject debian CWE-22
7.5
7.5
2022-09-27 CVE-2022-3324 Stack-based Buffer Overflow vulnerability in multiple products
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
local
low complexity
vim fedoraproject debian CWE-121
7.8
7.8