Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-03 CVE-2022-23833 Infinite Loop vulnerability in multiple products
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2.
network
low complexity
djangoproject fedoraproject debian CWE-835
7.5
2022-02-02 CVE-2022-0443 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian CWE-416
7.8
2022-02-01 CVE-2022-0417 Heap-based Buffer Overflow vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian CWE-122
7.8
2022-02-01 CVE-2021-43859 Resource Exhaustion vulnerability in multiple products
XStream is an open-source Java library to serialize objects to XML and back again.
7.5
2022-02-01 CVE-2021-46669 Use After Free vulnerability in multiple products
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
network
low complexity
mariadb fedoraproject debian CWE-416
7.5
2022-01-30 CVE-2022-0408 Stack-based Buffer Overflow vulnerability in multiple products
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian CWE-121
7.8
2022-01-30 CVE-2022-0413 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian CWE-416
7.8
2022-01-28 CVE-2022-0392 Heap-based Buffer Overflow vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
local
low complexity
vim apple debian CWE-122
7.8
2022-01-28 CVE-2022-23098 Infinite Loop vulnerability in multiple products
An issue was discovered in the DNS proxy in Connman through 1.40.
network
low complexity
intel debian CWE-835
7.5
2022-01-27 CVE-2022-23181 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using.
local
high complexity
apache oracle debian CWE-367
7.0