Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-25763 Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-10 CVE-2022-28129 Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-10 CVE-2022-31778 Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache.
network
low complexity
apache debian
7.5
7.5
2022-08-10 CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-10 CVE-2022-31780 Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-03 CVE-2022-31197 PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code.
network
low complexity
postgresql debian fedoraproject
8.0
8.0
2022-08-03 CVE-2022-32293 Use After Free vulnerability in multiple products
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
network
high complexity
intel debian CWE-416
8.1
8.1
2022-08-03 CVE-2022-36359 Download of Code Without Integrity Check vulnerability in multiple products
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7.
network
low complexity
djangoproject debian CWE-494
8.8
8.8
2022-08-01 CVE-2022-2509 Double Free vulnerability in multiple products
A vulnerability found in gnutls.
network
low complexity
gnu redhat fedoraproject debian CWE-415
7.5
7.5
2022-07-28 CVE-2022-30287 Unsafe Reflection vulnerability in multiple products
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class.
network
low complexity
horde debian CWE-470
8.0
8.0