Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-20 CVE-2022-1720 Buffer Over-read vulnerability in multiple products
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956.
network
vim debian CWE-126
6.8

2022-06-19 CVE-2022-2126 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
network
vim debian CWE-125
6.8

2022-06-19 CVE-2022-2124 Buffer Over-read vulnerability in multiple products
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
network
vim debian CWE-126
6.8

2022-06-13 CVE-2022-32278 XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
network
xfce debian
6.8

2022-06-09 CVE-2022-21499 Out-of-bounds Write vulnerability in multiple products
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown.
local
low complexity
oracle debian CWE-787
4.6

2022-06-02 CVE-2022-1789 NULL Pointer Dereference vulnerability in multiple products
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva.
6.9

2022-06-02 CVE-2022-26491 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Pidgin before 2.14.9.
4.3

2022-05-24 CVE-2022-29221 Code Injection vulnerability in multiple products
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian CWE-94
6.5

2022-05-17 CVE-2022-30688 Improper Privilege Management vulnerability in multiple products
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation.
local
low complexity
needrestart-project debian CWE-269
4.6

2022-05-09 CVE-2022-28739 Out-of-bounds Read vulnerability in multiple products
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2.
4.3