Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-03 | CVE-2022-21716 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 7.5 |
2022-03-03 | CVE-2022-0492 | Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. | 7.8 |
2022-03-03 | CVE-2022-23648 | containerd is a container runtime available as a daemon for Linux and Windows. | 7.5 |
2022-03-02 | CVE-2022-0711 | Infinite Loop vulnerability in multiple products A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. | 7.5 |
2022-02-26 | CVE-2022-23308 | Use After Free vulnerability in multiple products valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 |
2022-02-24 | CVE-2022-0545 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. | 7.8 |
2022-02-24 | CVE-2022-0546 | Integer Overflow or Wraparound vulnerability in multiple products A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. | 7.8 |
2022-02-24 | CVE-2022-21824 | Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". | 8.2 |
2022-02-24 | CVE-2019-25058 | Incorrect Authorization vulnerability in multiple products An issue was discovered in USBGuard before 1.1.0. | 7.8 |
2022-02-24 | CVE-2022-24407 | SQL Injection vulnerability in multiple products In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. | 8.8 |