debian

10,149 tracked vulnerabilities.

CVE-2022-1195 MEDIUM
Linux Kernel < 5.16 - Use-After-Free in Hamradio Drivers
Apr 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-1048 HIGH
Linux Kernel 2.6.12-4.14.279 - Use-After-Free in ALSA PCM hw_params
Apr 29, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-29869 MEDIUM
cifs-utils <= 6.14 - Information Disclosure via Verbose Logging
Apr 28, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-27239 HIGH
cifs-utils < 6.15 - Stack-based Buffer Overflow via mount.cifs ip Argument
Apr 27, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-1441 HIGH
GPAC MP4Box - Buffer Overflow in diST_box_read Function
Apr 25, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-24792 HIGH
PJSIP < 2.12 - Denial of Service via Invalid WAV File Data Chunk
Apr 25, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-29582 HIGH
Linux Kernel < 5.17.3 - Use-After-Free via io_uring Timeout Race Condition
Apr 22, 2022
CVSS 7.0
EPSS 0.01
CVE-2022-29536 HIGH
GNOME Epiphany < 41.4 and 42.x < 42.2 - Out-of-bounds Write via Long Page Title
Apr 20, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-21496 MEDIUM
Oracle GraalVM & Java SE - Unauthenticated Data Manipulation via JNDI
Apr 19, 2022
CVSS 5.3
EPSS 0.03
CVE-2022-21476 HIGH
Oracle GraalVM & Java SE Unauthenticated Data Access via Libraries
Apr 19, 2022
CVSS 7.5
EPSS 0.04
CVE-2022-21449 HIGH
Azul Zulu - Unauthenticated Data Manipulation via Multiple Protocols
Apr 19, 2022
CVSS 7.5
EPSS 0.48
CVE-2022-21443 LOW
Oracle GraalVM & Java SE DoS via Multiple Protocols
Apr 19, 2022
CVSS 3.7
EPSS 0.03
CVE-2022-21434 MEDIUM
Oracle Java SE <17.0.2 - Unauthenticated RCE
Apr 19, 2022
CVSS 5.3
EPSS 0.03
CVE-2022-21427 MEDIUM
MySQL Server <= 5.7.37 and <= 8.0.28 - Authenticated Denial of Service in FTS Component
Apr 19, 2022
CVSS 4.9
EPSS 0.02
CVE-2022-21426 MEDIUM
Oracle GraalVM & JDK Unauthenticated Partial DoS in JAXP
Apr 19, 2022
CVSS 5.3
EPSS 0.03
CVE-2022-25648 HIGH
git < 1.11.0 - Command Injection via fetch Remote Parameter
Apr 19, 2022
CVSS 8.1
EPSS 0.05
CVE-2022-29458 HIGH
ncurses < 6.3 - Out-of-bounds Read in convert_strings
Apr 18, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-24859 MEDIUM
PyPDF2 < 1.27.5 - Denial of Service via Infinite Loop in Content Stream Parsing
Apr 18, 2022
CVSS 6.2
EPSS 0.01
CVE-2022-24851 HIGH
LDAP Account Manager < 7.9.1 - Authenticated Stored Cross-Site Scripting and Path Traversal via Profile Editor
Apr 15, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-28044 CRITICAL
irzip v0.640 - Heap Memory Corruption in lrzip.c:initialise_control
Apr 15, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-28042 HIGH
stb_image.h v2.27 - Use-After-Free in stbi__jpeg_huff_decode
Apr 15, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-28041 MEDIUM
stb_image.h v2.27 - Denial of Service via Integer Overflow in stbi__jpeg_decode_block_prog_dc
Apr 15, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-26651 CRITICAL
Asterisk <19.x-16.8-cert13 - SQL Injection
Apr 15, 2022
CVSS 9.8
EPSS 0.07
CVE-2022-26499 CRITICAL
Asterisk 16.15.0-19.x - Server-Side Request Forgery via STIR/SHAKEN Identity Header
Apr 15, 2022
CVSS 9.1
EPSS 0.08
CVE-2022-26498 HIGH
Asterisk < 16.25.1 - Uncontrolled Resource Consumption via STIR/SHAKEN File Download
Apr 15, 2022
CVSS 7.5
EPSS 0.16