Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-19 | CVE-2022-28203 | Release of Invalid Pointer or Reference vulnerability in multiple products A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. | 7.5 |
| 2022-09-18 | CVE-2022-3235 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0490. | 7.8 |
| 2022-09-17 | CVE-2022-3234 | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | 7.8 |
| 2022-09-16 | CVE-2022-3176 | Use After Free vulnerability in multiple products There exists a use-after-free in io_uring in the Linux kernel. | 7.8 |
| 2022-09-16 | CVE-2022-40149 | Out-of-bounds Write vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). | 7.5 |
| 2022-09-16 | CVE-2022-40150 | Uncontrolled Recursion vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). | 7.5 |
| 2022-09-14 | CVE-2022-40674 | Use After Free vulnerability in multiple products libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. | 8.1 |
| 2022-09-12 | CVE-2022-37797 | NULL Pointer Dereference vulnerability in multiple products In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. | 7.5 |
| 2022-09-07 | CVE-2022-40023 | Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. | 7.5 |
| 2022-09-06 | CVE-2022-3134 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0389. | 7.8 |