Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-27 CVE-2022-1897 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject apple debian CWE-787
7.8
7.8
2022-05-27 CVE-2022-1898 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-416
7.8
7.8
2022-05-26 CVE-2022-22576 Missing Authentication for Critical Function vulnerability in multiple products
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
network
low complexity
haxx debian netapp brocade splunk CWE-306
8.1
8.1
2022-05-26 CVE-2022-30784 Classic Buffer Overflow vulnerability in multiple products
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
local
low complexity
tuxera debian fedoraproject CWE-120
7.8
7.8
2022-05-26 CVE-2022-30786 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
local
low complexity
tuxera fedoraproject debian CWE-787
7.8
7.8
2022-05-26 CVE-2022-30788 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
local
low complexity
tuxera fedoraproject debian CWE-787
7.8
7.8
2022-05-26 CVE-2022-30789 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
7.8
2022-05-25 CVE-2022-29248 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
Guzzle is a PHP HTTP client.
network
low complexity
guzzlephp drupal debian CWE-565
8.1
8.1
2022-05-25 CVE-2022-1851 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-125
7.8
7.8
2022-05-24 CVE-2022-29221 Code Injection vulnerability in multiple products
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject CWE-94
8.8
8.8