Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-21937 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking).
network
high complexity
oracle netapp debian
3.7
2022-10-21 CVE-2022-3633 Memory Leak vulnerability in multiple products
A vulnerability classified as problematic has been found in Linux Kernel.
local
low complexity
linux debian CWE-401
3.3
2022-10-21 CVE-2022-3629 Memory Leak vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
low complexity
linux debian CWE-401
3.3
2022-10-16 CVE-2022-3521 Race Condition vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as problematic.
local
high complexity
linux debian CWE-362
2.5
2022-10-11 CVE-2022-33747 Improper Resource Shutdown or Release vulnerability in multiple products
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g.
local
low complexity
xen fedoraproject debian CWE-404
3.8
2022-09-28 CVE-2021-43980 Race Condition vulnerability in multiple products
The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
network
high complexity
apache debian CWE-362
3.7
2022-09-23 CVE-2022-35252 When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses.
network
high complexity
haxx netapp apple debian splunk
3.7
2022-07-07 CVE-2022-2047 Improper Input Validation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname.
network
low complexity
eclipse debian netapp CWE-20
2.7
2022-06-18 CVE-2022-33981 Use After Free vulnerability in multiple products
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
local
low complexity
linux debian CWE-416
3.3
2022-04-19 CVE-2022-21443 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian azul
3.7