Vulnerabilities > Debian > High

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2022-05-09 | CVE-2022-30333 | Path Traversal vulnerability in multiple products | RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. | network | low | rarlab, debian | CWE-22 | 7.5 |
| 2022-05-08 | CVE-2022-28463 | Classic Buffer Overflow vulnerability in multiple products | ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | local | low | imagemagick, debian | CWE-120 | 7.8 |
| 2022-05-08 | CVE-2022-1619 | Heap-based Buffer Overflow vulnerability in multiple products | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. | local | low | vim, fedoraproject, debian, netapp, apple | CWE-122 | 7.8 |
| 2022-05-08 | CVE-2018-25033 | Out-of-bounds Read vulnerability in multiple products | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. | network | low | admesh-project, debian | CWE-125 | 8.1 |
| 2022-05-07 | CVE-2022-1616 | Use After Free vulnerability in multiple products | Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. | local | low | vim, fedoraproject, debian, apple | CWE-416 | 7.8 |
| 2022-05-06 | CVE-2022-30293 | Out-of-bounds Write vulnerability in multiple products | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | network | high | webkitgtk, debian | CWE-787 | 7.5 |
| 2022-05-06 | CVE-2022-24884 | Improper Verification of Cryptographic Signature vulnerability in multiple products | ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). | | | | | 7.5 |
| 2022-05-06 | CVE-2022-24903 | Improper Validation of Specified Quantity in Input vulnerability in multiple products | Rsyslog is a rocket-fast system for log processing. | network | high | rsyslog, fedoraproject, debian, netapp | CWE-1284 | 8.1 |
| 2022-05-05 | CVE-2022-29500 | | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | network | low | schedmd, fedoraproject, debian | | 8.8 |
| 2022-05-05 | CVE-2022-29501 | | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | network | low | schedmd, fedoraproject, debian | | 8.8 |