debian
10,127 tracked vulnerabilities.
CVE-2022-23478
CRITICAL
xrdp < 0.9.21 - Out-of-bounds Write in xrdp_mm_trans_process_drdynvc_channel_open()
Dec 09, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-23477
CRITICAL
xrdp < 0.9.21 - Buffer Overflow in audin_send_open()
Dec 09, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-23468
MEDIUM
xrdp < 0.9.21 - Buffer Overflow in xrdp_login_wnd_create()
Dec 09, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-42329
MEDIUM
Linux Kernel < 6.0 - Deadlock in Netback Driver
Dec 07, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-42328
MEDIUM
Linux Kernel < 6.0 - Deadlock in Netback Driver
Dec 07, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3643
MEDIUM
Linux Kernel 3.19-4.9.335 - Denial of Service via Malicious Network Packet Headers
Dec 07, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-41325
HIGH
VLC Media Player <3.0.17.4 - Code Injection
Dec 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24439
HIGH
GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL
Dec 06, 2022
CVSS 8.1
EPSS 0.69
CVE-2022-43548
HIGH
Node.js <14.21.1, <16.18.1, <18.12.1, <19.0.1 - Command Injection
Dec 05, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-35256
MEDIUM
Node.js 14.0.0-14.13.1, 14.15.0-14.20.0 and llhttp < 6.0.10 - HTTP Request Smuggling via Header Field Parsing
Dec 05, 2022
CVSS 6.5
EPSS 0.04
CVE-2022-35255
CRITICAL
Node.js 15.0.0-15.13.0 and 16.13.0-16.17.0 - Weak Cryptographic Key Generation via WebCrypto EntropySource
Dec 05, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-32221
CRITICAL
curl - Exposure of Sensitive Information via Reused Handle Logic
Dec 05, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-30123
CRITICAL
Rack <2.0.9.1-<2.2.3.1 - Command Injection
Dec 05, 2022
CVSS 10.0
EPSS 0.02
CVE-2022-30122
HIGH
Rack <2.0.9.1, <2.1.4.1, <2.2.3.1 - Denial of Service in Multipart Parsing
Dec 05, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-46391
MEDIUM
AWStats 7.0-7.8 - Cross-Site Scripting in Hostinfo Plugin via Net::XWhois Response
Dec 04, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-46338
MEDIUM
g810-led 0.4.2 - Unprotected User Data Exposure via Udev Rule
Nov 30, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45442
HIGH
Sinatra 2.0-2.2.2 and 3.0-3.0.3 - Reflected File Download via User-Supplied Filename in Content-Disposition Header
Nov 28, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-45939
HIGH
GNU Emacs <= 28.2 - OS Command Injection via ctags Source-Code Filename
Nov 28, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-45934
HIGH
Linux Kernel 2.6.32-4.9.337 - Integer Overflow via L2CAP Configuration Request
Nov 27, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24999
HIGH
QS < 6.2.4 - Prototype Pollution
Nov 26, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-44789
HIGH
Artifex MuJS 1.0.0-1.3.x - Remote Code Execution via Crafted JavaScript File
Nov 23, 2022
CVSS 8.8
EPSS 0.03
CVE-2022-41946
MEDIUM
PostgreSQL JDBC Driver 42.2.0-42.2.27 - Insecure Temporary File Creation via InputStream Handling
Nov 23, 2022
CVSS 4.7
EPSS 0.00
CVE-2022-36227
CRITICAL
libarchive <3.6.2 - Memory Corruption
Nov 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44641
MEDIUM
Linaro LAVA < 2022.11 - Authenticated Denial of Service via XML Entity Expansion
Nov 18, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-41916
MEDIUM
Heimdal < 7.7.1 - Denial of Service in PKI Certificate Validation
Nov 15, 2022
CVSS 5.9
EPSS 0.00
Products
debian_linux 9,979
advanced_package_tool 21
dpkg 14
shadow 8
lintian 6
apt 5
devscripts 3
horde 3
reportbug 3
apt-cacher 2
aptlinex 2
cifs-utils 2
dpkg-dev 2
fsp 2
horde_groupware 2
mime-support 2
netkit 2
python-apt 2
python-dns 2
qpopper 2
xsabre 2
yubiserver 2
FreedomBox 1
adequate 1
amaya 1
apache 1
apache2 1
apt-listchanges 1
apt-setup 1
axiom 1
Quick Filters