Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-09 CVE-2022-31214 Improper Privilege Management vulnerability in multiple products
A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68.
7.8
2022-06-02 CVE-2022-32250 Use After Free vulnerability in multiple products
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
2022-06-02 CVE-2022-1419 Use After Free vulnerability in multiple products
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
local
low complexity
linux debian CWE-416
7.8
2022-06-02 CVE-2022-1652 Use After Free vulnerability in multiple products
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function.
local
low complexity
linux redhat debian netapp CWE-416
7.8
2022-06-02 CVE-2022-1968 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim debian apple CWE-416
7.8
2022-06-02 CVE-2022-27775 An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
network
low complexity
haxx debian netapp brocade splunk
7.5
2022-06-02 CVE-2022-27781 Infinite Loop vulnerability in multiple products
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
network
low complexity
haxx debian netapp splunk CWE-835
7.5
2022-06-02 CVE-2022-27782 Improper Certificate Validation vulnerability in multiple products
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup.
network
low complexity
haxx debian splunk CWE-295
7.5
2022-05-31 CVE-2022-31001 Out-of-bounds Read vulnerability in multiple products
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian CWE-125
7.5
2022-05-31 CVE-2022-31002 Out-of-bounds Read vulnerability in multiple products
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library.
network
low complexity
signalwire debian CWE-125
7.5