Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 9.0  Security Vulnerabilities
CVE-2021-22600
Known exploited
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
CVSS Score
6.6
EPSS Score
0.001
Published
2022-01-26
CVE-2022-0361
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
8.4
EPSS Score
0.001
Published
2022-01-26
CVE-2022-0359
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-01-26
CVE-2022-23959
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
CVSS Score
9.1
EPSS Score
0.003
Published
2022-01-26
CVE-2022-0351
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVSS Score
8.4
EPSS Score
0.0
Published
2022-01-25
CVE-2021-3850
Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.
CVSS Score
9.1
EPSS Score
0.003
Published
2022-01-25
CVE-2022-23034
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-25
CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
CVSS Score
7.8
EPSS Score
0.005
Published
2022-01-25
CVE-2022-23852
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVSS Score
9.8
EPSS Score
0.019
Published
2022-01-24
CVE-2022-23837
In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-01-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved