Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-25 CVE-2022-23034 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled.
local
low complexity
xen fedoraproject debian CWE-191
5.5
5.5
2022-01-25 CVE-2022-23035 Incomplete Cleanup vulnerability in multiple products
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device.
low complexity
xen fedoraproject debian CWE-459
4.6
4.6
2022-01-25 CVE-2021-45343 NULL Pointer Dereference vulnerability in multiple products
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.
local
low complexity
librecad fedoraproject debian CWE-476
5.5
5.5
2022-01-21 CVE-2022-0319 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read in vim/vim prior to 8.2.
local
low complexity
vim debian apple CWE-125
5.5
5.5
2022-01-19 CVE-2022-21704 Incorrect Default Permissions vulnerability in multiple products
log4js-node is a port of log4js to node.js.
local
low complexity
log4js-project debian CWE-276
5.5
5.5
2022-01-19 CVE-2021-23225 Cross-site Scripting vulnerability in multiple products
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.
network
low complexity
cacti debian CWE-79
5.4
5.4
2022-01-19 CVE-2022-21277 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle debian netapp
5.3
5.3
2022-01-19 CVE-2022-21282 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP).
network
low complexity
oracle debian netapp
5.3
5.3
2022-01-19 CVE-2022-21283 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle debian fedoraproject netapp
5.3
5.3
2022-01-19 CVE-2022-21291 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
low complexity
oracle debian netapp fedoraproject
5.3
5.3