Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2022-0629 Stack-based Buffer Overflow vulnerability in multiple products
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject apple debian CWE-121
7.8
2022-02-16 CVE-2021-3560 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.
7.8
2022-02-16 CVE-2021-3578 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response.
local
low complexity
isync-project fedoraproject debian CWE-704
7.8
2022-02-16 CVE-2021-3752 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition.
7.1
2022-02-16 CVE-2021-3760 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
2022-02-16 CVE-2022-23803 Stack-based Buffer Overflow vulnerability in multiple products
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian CWE-121
7.8
2022-02-16 CVE-2022-23804 Stack-based Buffer Overflow vulnerability in multiple products
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian CWE-121
7.8
2022-02-14 CVE-2022-0581 Use After Free vulnerability in multiple products
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-416
7.5
2022-02-14 CVE-2022-0583 Out-of-bounds Write vulnerability in multiple products
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-787
7.5
2022-02-14 CVE-2022-0586 Infinite Loop vulnerability in multiple products
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-835
7.5