Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-24599 | Memory Leak vulnerability in multiple products In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. | 6.5 |
| 2022-02-22 | CVE-2022-0714 | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. | 5.5 |
| 2022-02-21 | CVE-2021-4115 | There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. | 5.5 |
| 2022-02-21 | CVE-2022-0696 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. | 5.5 |
| 2022-02-20 | CVE-2022-25375 | Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. | 5.5 |
| 2022-02-18 | CVE-2016-2124 | Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. | 5.9 |
| 2022-02-18 | CVE-2021-20321 | Race Condition vulnerability in multiple products A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. | 4.7 |
| 2022-02-18 | CVE-2021-3930 | Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. | 6.5 |
| 2022-02-18 | CVE-2022-0585 | Excessive Iteration vulnerability in multiple products Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file | 6.5 |
| 2022-02-18 | CVE-2022-25313 | Uncontrolled Recursion vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | 6.5 |