Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-19 | CVE-2022-1924 | Integer Overflow or Wraparound vulnerability in multiple products. DoS / potential heap overwrite in mkv demuxing using lzo decompression. | 7.8 |
2022-07-19 | CVE-2022-1925 | Integer Overflow or Wraparound vulnerability in multiple products. DoS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. | 7.8 |
2022-07-19 | CVE-2022-2122 | Integer Overflow or Wraparound vulnerability in multiple products. DoS / potential heap overwrite in qtdemux using zlib decompression. | 7.8 |
2022-07-19 | CVE-2022-34169 | Incorrect Conversion between Numeric Types vulnerability in multiple products. The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. | 7.5 |
2022-07-19 | CVE-2022-2469 | Out-of-bounds Read vulnerability in multiple products. GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client. | 8.1 |
2022-07-18 | CVE-2020-16093 | Improper Certificate Validation vulnerability in multiple products. In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 7.5 |
2022-07-17 | CVE-2022-30550 | Improper Authentication vulnerability in multiple products. An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. | 8.8 |
2022-07-14 | CVE-2022-32212 | OS Command Injection vulnerability in multiple products. An OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DNS requests, allowing rebinding attacks. | 8.1 |
2022-07-12 | CVE-2022-29187 | Improper Ownership Management vulnerability in multiple products. Git is a distributed revision control system. | 7.8 |
2022-07-11 | CVE-2022-35414 | Use of Uninitialized Resource vulnerability in multiple products. softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 8.8 |