Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2022-23035 | Incomplete Cleanup vulnerability in multiple products Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. | 4.6 |
| 2022-01-25 | CVE-2021-45343 | NULL Pointer Dereference vulnerability in multiple products In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. | 5.5 |
| 2022-01-21 | CVE-2022-0319 | Out-of-bounds Read in vim/vim prior to 8.2. | 5.5 |
| 2022-01-19 | CVE-2022-21704 | log4js-node is a port of log4js to node.js. | 5.5 |
| 2022-01-19 | CVE-2021-23225 | Cross-site Scripting vulnerability in multiple products Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php. | 5.4 |
| 2022-01-16 | CVE-2022-0235 | node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 6.1 |
| 2022-01-14 | CVE-2022-0213 | vim is vulnerable to Heap-based Buffer Overflow | 6.6 |
| 2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 6.5 |
| 2022-01-13 | CVE-2022-23134 | Improper Authentication vulnerability in multiple products After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. | 5.3 |
| 2022-01-12 | CVE-2021-37529 | Double Free vulnerability in multiple products A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). | 5.5 |