debian

10,127 tracked vulnerabilities.

CVE-2022-1922 HIGH
GStreamer < 1.20.3 - Denial of Service and Heap Overflow in Matroska Demuxer
Jul 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-1921 HIGH
GStreamer < 1.20.3 - Integer Overflow in AVI Demuxer via Crafted AVI File
Jul 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-1920 HIGH
GStreamer < 1.20.3 - Heap Overflow via Matroska Demuxer WVPK Header Parsing
Jul 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-34169 HIGH
Apache Xalan <2.7.3 - Code Injection
Jul 19, 2022
CVSS 7.5
EPSS 0.11
CVE-2022-2469 LOW
GNU SASL < 2.0.1 - Authenticated Out-of-bounds Read via GSS-API Client
Jul 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-30550 HIGH
Dovecot 2.2-2.3 < 2.3.20 - Privilege Escalation via Duplicate Passdb Configuration
Jul 17, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-35409 CRITICAL
Mbed TLS < 2.28.1 and 3.x < 3.2.0 - Unauthenticated Heap-Based Buffer Over-Read via DTLS ClientHello
Jul 15, 2022
CVSS 9.1
EPSS 0.02
CVE-2022-23825 MEDIUM
AMD Processors - Info Disclosure
Jul 14, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-32215 MEDIUM
llhttp <14.20.1, <16.17.1, <18.9.1 - HTTP Request Smuggling via Multi-line Transfer-Encoding Header
Jul 14, 2022
CVSS 6.5
EPSS 0.86
CVE-2022-32214 MEDIUM
llhttp < 2.1.5 - HTTP Request Smuggling via CRLF Sequence Mismanagement
Jul 14, 2022
CVSS 6.5
EPSS 0.39
CVE-2022-32213 MEDIUM
llhttp < 2.1.5 - HTTP Request Smuggling via Transfer-Encoding Header
Jul 14, 2022
CVSS 6.5
EPSS 0.86
CVE-2022-32212 HIGH
Node.js <14.20.0, <16.20.0, <18.5.0 - OS Command Injection via IsAllowedHost Bypass
Jul 14, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-29187 HIGH
Git <2.37.1-2.30.5 - Privilege Escalation
Jul 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-29901 MEDIUM
Intel Core i7 Firmware - Spectre Retpoline Bypass Exposes Sensitive Information
Jul 12, 2022
CVSS 5.6
EPSS 0.00
CVE-2022-29900 MEDIUM
AMD APU Firmware - Arbitrary Speculative Code Execution
Jul 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-35414 HIGH
QEMU 4.1.50-7.0.0 - Use-After-Free in softmmu/physmem.c
Jul 11, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-35410 HIGH
mat2 < 0.13.0 - Path Traversal via ZIP Archive Cleaning
Jul 08, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2048 HIGH
Eclipse Jetty < 9.4.47 - Denial of Service via HTTP/2 Request Error Handling
Jul 07, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2047 LOW
Eclipse Jetty 9.4.0-9.4.46, 10.0.0-10.0.9, 11.0.0-11.0.9 - Improper Input Validation in HttpURI Authority Parsing
Jul 07, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-32208 MEDIUM
curl 7.16.4-7.83.1 - Man-In-The-Middle Attack via FTP KRB5 Message Verification Failure
Jul 07, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-32207 CRITICAL
curl 7.69.0-7.83.1 - Unauthenticated File Permission Overwrite via Atomic Rename
Jul 07, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-32206 MEDIUM
curl < 7.84.0 - Denial of Service via Unbounded HTTP Compression Chain
Jul 07, 2022
CVSS 6.5
EPSS 0.03
CVE-2022-32205 MEDIUM
curl 7.71.0-7.84.0 - Denial of Service via Excessive Set-Cookie Headers
Jul 07, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-2318 MEDIUM
Linux Kernel < 5.19 - Use-After-Free in ROSE Timer Handler
Jul 06, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-31129 HIGH
moment 2.18.0-2.29.3 - Denial of Service via RFC2822 Date Parsing
Jul 06, 2022
CVSS 7.5
EPSS 0.03
Products
debian_linux 9,979 advanced_package_tool 21 dpkg 14 shadow 8 lintian 6 apt 5 devscripts 3 horde 3 reportbug 3 apt-cacher 2 aptlinex 2 cifs-utils 2 dpkg-dev 2 fsp 2 horde_groupware 2 mime-support 2 netkit 2 python-apt 2 python-dns 2 qpopper 2 xsabre 2 yubiserver 2 FreedomBox 1 adequate 1 amaya 1 apache 1 apache2 1 apt-listchanges 1 apt-setup 1 axiom 1
Quick Filters
Critical CVEs With Exploits In CISA KEV