Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-30 CVE-2022-25857 XML Entity Expansion vulnerability in multiple products
The package org.yaml:snakeyaml from 0 and before 1.31 is vulnerable to Denial of Service (DoS) due to missing nested depth limitation for collections.
network
low complexity
snakeyaml-project debian CWE-776
7.5
2022-08-30 CVE-2022-39028 NULL Pointer Dereference vulnerability in multiple products
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8.
network
low complexity
gnu mit debian netkit-telnet-project CWE-476
7.5
2022-08-30 CVE-2022-38784 Integer Overflow or Wraparound vulnerability in multiple products
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).
local
low complexity
freedesktop debian fedoraproject CWE-190
7.8
2022-08-29 CVE-2022-0367 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
local
low complexity
libmodbus fedoraproject debian CWE-787
7.8
2022-08-26 CVE-2021-3563 Incorrect Authorization vulnerability in multiple products
A flaw was found in openstack-keystone.
network
high complexity
openstack debian redhat CWE-863
7.4
2022-08-26 CVE-2021-3864 Improper Access Control vulnerability in multiple products
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed their descendants.
local
high complexity
linux debian redhat CWE-284
7.0
2022-08-25 CVE-2022-0135 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer).
7.8
2022-08-25 CVE-2022-2255 Insufficient Verification of Data Authenticity vulnerability in multiple products
A vulnerability was found in mod_wsgi.
network
low complexity
modwsgi debian CWE-345
7.5
2022-08-25 CVE-2022-22728 Classic Buffer Overflow vulnerability in multiple products
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads.
network
low complexity
apache fedoraproject debian CWE-120
7.5
2022-08-24 CVE-2022-32893 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write issue was addressed with improved bounds checking.
8.8