Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2022-27384 | SQL Injection vulnerability in multiple products An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | 7.5 |
| 2022-04-12 | CVE-2022-27386 | SQL Injection vulnerability in multiple products MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | 7.5 |
| 2022-04-12 | CVE-2022-27387 | Classic Buffer Overflow vulnerability in multiple products MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | 7.5 |
| 2022-04-12 | CVE-2022-24070 | Use After Free vulnerability in multiple products Subversion's mod_dav_svn is vulnerable to memory corruption. | 7.5 |
| 2022-04-12 | CVE-2022-24765 | Git for Windows is a fork of Git containing Windows-specific patches. | 7.8 |
| 2022-04-11 | CVE-2022-24836 | Nokogiri is an open source XML and HTML library for Ruby. | 7.5 |
| 2022-04-11 | CVE-2022-28893 | Use After Free vulnerability in multiple products The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | 7.8 |
| 2022-04-06 | CVE-2022-24793 | PJSIP is a free and open source multimedia communication library written in C. | 7.5 |
| 2022-04-06 | CVE-2022-26110 | An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. | 8.8 |
| 2022-04-05 | CVE-2022-26357 | Race Condition vulnerability in multiple products race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. | 7.0 |