Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2022-1048 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. | 7.0 |
| 2022-04-29 | CVE-2022-1353 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. | 7.1 |
| 2022-04-27 | CVE-2022-27239 | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
| 2022-04-25 | CVE-2022-1441 | Out-of-bounds Read vulnerability in multiple products MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. | 7.8 |
| 2022-04-25 | CVE-2022-24792 | Infinite Loop vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in C. | 7.5 |
| 2022-04-25 | CVE-2019-25059 | Artifex Ghostscript through 9.26 mishandles .completefont. | 7.8 |
| 2022-04-22 | CVE-2022-29582 | Race Condition vulnerability in multiple products In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. | 7.0 |
| 2022-04-20 | CVE-2022-29536 | Out-of-bounds Write vulnerability in multiple products In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. | 7.5 |