Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-2735 | Incorrect Default Permissions vulnerability in multiple products A vulnerability was found in the PCS project. | 7.8 |
| 2022-09-05 | CVE-2022-3008 | Command Injection vulnerability in multiple products The tinygltf library uses the C library function wordexp() to perform file path expansion on untrusted paths that are provided from the input file. | 8.8 |
| 2022-09-03 | CVE-2022-3099 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0360. | 7.8 |
| 2022-09-02 | CVE-2020-29260 | Resource Exhaustion vulnerability in multiple products libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). | 7.5 |
| 2022-09-02 | CVE-2022-39176 | BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | 8.8 |
| 2022-09-02 | CVE-2022-39177 | BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | 8.8 |
| 2022-09-01 | CVE-2022-2996 | Improper Certificate Validation vulnerability in multiple products A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. | 7.4 |
| 2022-08-31 | CVE-2022-1271 | Improper Input Validation vulnerability in multiple products An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. | 8.8 |
| 2022-08-31 | CVE-2022-2132 | A permissive list of allowed inputs flaw was found in DPDK. | 8.6 |
| 2022-08-31 | CVE-2022-3028 | Out-of-bounds Write vulnerability in multiple products A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. | 7.0 |