Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-20770 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.5
2022-05-04 CVE-2022-20771 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.5
2022-05-04 CVE-2022-20785 Memory Leak vulnerability in multiple products
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian CWE-401
7.5
2022-05-02 CVE-2021-42529 Stack-based Buffer Overflow vulnerability in multiple products
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-121
7.8
2022-05-02 CVE-2021-42530 Stack-based Buffer Overflow vulnerability in multiple products
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-121
7.8
2022-05-02 CVE-2021-42531 Stack-based Buffer Overflow vulnerability in multiple products
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-121
7.8
2022-05-02 CVE-2021-42532 Stack-based Buffer Overflow vulnerability in multiple products
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-121
7.8
2022-05-02 CVE-2021-46790 Out-of-bounds Write vulnerability in multiple products
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
2022-05-02 CVE-2022-29970 Path Traversal vulnerability in multiple products
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
network
low complexity
sinatrarb debian CWE-22
7.5
2022-05-01 CVE-2022-25647 Deserialization of Untrusted Data vulnerability in multiple products
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
network
low complexity
google debian netapp oracle CWE-502
7.5