Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2022-03-13 CVE-2021-36368 Improper Authentication vulnerability in multiple products
An issue was discovered in OpenSSH before 8.9.
network
high complexity
openbsd debian CWE-287
3.7
3.7
2022-02-11 CVE-2022-24959 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.16.5.
local
low complexity
linux debian CWE-401
2.1
2.1
2022-02-04 CVE-2022-0487 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel.
local
low complexity
linux redhat debian CWE-416
2.1
2.1
2022-02-04 CVE-2022-24448 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5.
local
low complexity
linux debian CWE-908
3.3
3.3
2022-01-19 CVE-2021-23225 Cross-site Scripting vulnerability in multiple products
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.
network
cacti debian CWE-79
3.5
3.5
2022-01-19 CVE-2022-21248 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization).
network
high complexity
oracle netapp debian fedoraproject
3.7
3.7
2022-01-05 CVE-2021-28713 Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains".
local
low complexity
xen debian
2.1
2.1
2022-01-05 CVE-2021-28712 Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains".
local
low complexity
xen debian
2.1
2.1
2022-01-05 CVE-2021-28711 Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains".
local
low complexity
xen debian
2.1
2.1
2021-12-16 CVE-2021-45095 Information Exposure vulnerability in multiple products
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
local
low complexity
linux debian CWE-200
2.1
2.1