Vulnerabilities > Debian > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-21 | CVE-2022-3633 | Memory Leak vulnerability in multiple products A vulnerability classified as problematic has been found in Linux Kernel. | 3.3 |
| 2022-10-21 | CVE-2022-3629 | Memory Leak vulnerability in multiple products A vulnerability was found in Linux Kernel. | 3.3 |
| 2022-10-16 | CVE-2022-3521 | Race Condition vulnerability in multiple products A vulnerability has been found in Linux Kernel and classified as problematic. | 2.5 |
| 2022-10-11 | CVE-2022-33747 | Improper Resource Shutdown or Release vulnerability in multiple products Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. | 3.8 |
| 2022-09-28 | CVE-2021-43980 | Race Condition vulnerability in multiple products The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. | 3.7 |
| 2022-09-23 | CVE-2022-35252 | When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. | 3.7 |
| 2022-07-07 | CVE-2022-2047 | Improper Input Validation vulnerability in multiple products In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. | 2.7 |
| 2022-06-18 | CVE-2022-33981 | Use After Free vulnerability in multiple products drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function. | 3.3 |
| 2022-04-19 | CVE-2022-21443 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | 3.7 |
| 2022-03-16 | CVE-2022-26354 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the vhost-vsock device of QEMU. | 3.2 |