Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument.
local
low complexity
zsh fedoraproject debian apple
7.8
2022-02-14 CVE-2022-0572 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-787
7.8
2022-02-11 CVE-2021-20001 Incorrect Default Permissions vulnerability in multiple products
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
network
low complexity
skolelinux debian CWE-276
7.5
2022-02-11 CVE-2022-24958 Release of Invalid Pointer or Reference vulnerability in multiple products
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
local
low complexity
linux fedoraproject netapp debian CWE-763
7.8
2022-02-11 CVE-2022-23772 Integer Overflow or Wraparound vulnerability in multiple products
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
network
low complexity
golang netapp debian CWE-190
7.5
2022-02-10 CVE-2022-0554 Use of Out-of-range Pointer Offset vulnerability in multiple products
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-823
7.8
2022-02-07 CVE-2022-21712 Information Exposure vulnerability in multiple products
twisted is an event-driven networking engine written in Python.
network
low complexity
twistedmatrix debian fedoraproject CWE-200
7.5
2022-02-05 CVE-2021-38172 Classic Buffer Overflow vulnerability in Debian Perm 0.4.0
perM 0.4.0 has a Buffer Overflow related to strncpy.
network
low complexity
debian CWE-120
7.5
2022-02-04 CVE-2021-40401 Unchecked Return Value vulnerability in multiple products
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1.
local
low complexity
gerbv-project fedoraproject debian CWE-252
8.6
2022-02-04 CVE-2022-23946 Stack-based Buffer Overflow vulnerability in multiple products
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian CWE-121
7.8