Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-17 CVE-2022-29581 Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.
local
low complexity
linux debian canonical netapp
7.8
7.8
2022-05-16 CVE-2022-1679 A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages.
local
low complexity
linux debian netapp
7.8
7.8
2022-05-12 CVE-2022-29885 The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network.
network
low complexity
apache debian oracle
7.5
7.5
2022-05-12 CVE-2022-30594 Missing Authorization vulnerability in multiple products
The Linux kernel before 5.17.2 mishandles seccomp permissions.
local
low complexity
linux debian netapp CWE-862
7.8
7.8
2022-05-10 CVE-2022-1621 Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919.
local
low complexity
vim debian fedoraproject apple
7.8
7.8
2022-05-09 CVE-2022-28739 Out-of-bounds Read vulnerability in multiple products
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2.
network
low complexity
ruby-lang debian apple CWE-125
7.5
7.5
2022-05-09 CVE-2022-30333 Path Traversal vulnerability in multiple products
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file.
network
low complexity
rarlab debian CWE-22
7.5
7.5
2022-05-08 CVE-2022-28463 Classic Buffer Overflow vulnerability in multiple products
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
local
low complexity
imagemagick debian CWE-120
7.8
7.8
2022-05-08 CVE-2022-1619 Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
local
low complexity
vim fedoraproject debian netapp apple
7.8
7.8
2022-05-08 CVE-2018-25033 Out-of-bounds Read vulnerability in multiple products
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a.
network
low complexity
admesh-project debian CWE-125
8.1
8.1