debian

10,129 tracked vulnerabilities.

CVE-2022-28346 CRITICAL
Django 2.2-2.2.27, 3.2-3.2.12, 4.0-4.0.3 - SQL Injection via QuerySet Column Alias Dictionary Expansion
Apr 12, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-24836 HIGH
Nokogiri < 1.13.4 - Inefficient Regular Expression Complexity in HTML Encoding Detection
Apr 11, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-28893 HIGH
Linux Kernel 5.1-5.17.2 - Use-After-Free in SUNRPC Subsystem
Apr 11, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24793 HIGH
pjsip < 2.12 - Buffer Overflow in DNS Query Record Parser
Apr 06, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-24786 CRITICAL
pjsip < 2.12 - Out-of-bounds Read in RTCP Feedback RPSI Parser
Apr 06, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-26110 HIGH
HTCondor < 8.8.16, < 9.0.10, < 9.6.0 - Privilege Escalation
Apr 06, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-26361 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26360 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26359 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26358 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26357 HIGH
Xen 4.11.0-4.11.99 - Race Condition in VT-d Domain ID Cleanup
Apr 05, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-26356 MEDIUM
Xen 4.0.0-4.11.x - Memory Leak via Racy Dirty VRAM Tracking and Paging Log Dirty Hypercalls
Apr 05, 2022
CVSS 5.6
EPSS 0.00
CVE-2022-24801 HIGH
Twisted < 22.4.0 - HTTP Request Smuggling via Non-Conformant HTTP Request Parsing
Apr 04, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-24785 HIGH
Moment.js 1.0.1-2.29.1 - Path Traversal via Locale Switching
Apr 04, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-28390 HIGH
Linux kernel < 5.17.1 - Memory Corruption
Apr 03, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-28389 MEDIUM
Linux kernel < 5.17.1 - Use After Free
Apr 03, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-28388 MEDIUM
Linux kernel < 5.17.1 - Use After Free
Apr 03, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-28356 MEDIUM
Linux kernel < 5.17.1 - Info Disclosure
Apr 02, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-24790 CRITICAL
Puma < 4.3.12 and 5.0.0-5.6.4 - HTTP Request Smuggling via Proxy Request Parsing Discrepancy
Mar 30, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-24763 HIGH
PJSIP < 2.13 - Denial of Service via XML Parser Infinite Loop
Mar 30, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-1154 HIGH
vim < 8.2.4646 - Use-After-Free in utf_ptr2char
Mar 30, 2022
CVSS 7.8
EPSS 0.02
CVE-2022-28202 MEDIUM
MediaWiki < 1.35.6, 1.36.x < 1.36.4, 1.37.x < 1.37.2 - Cross-Site Scripting via Gallery and Special:RevisionDelete
Mar 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-1122 MEDIUM
openjpeg2 2.4.0 - Denial of Service via Uninitialized Pointer Free
Mar 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-26291 MEDIUM
long_range_zip v0.641 - Denial of Service via Use-After-Free in zpaq_decompress_buf
Mar 28, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-1049 HIGH
pcs < 0.11.2 - Improper Authentication via PAM
Mar 25, 2022
CVSS 8.8
EPSS 0.00