Debian Linux Security Vulnerabilities
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is...
5.5CVSS
5.2AI Score
0.001EPSS
An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code...
7.8CVSS
7.4AI Score
0.002EPSS
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code...
7.8CVSS
7.4AI Score
0.001EPSS
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code...
7.8CVSS
7.4AI Score
0.001EPSS
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file...
5.5CVSS
5.3AI Score
0.001EPSS
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS...
7.8CVSS
7.4AI Score
0.001EPSS
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for...
7.8CVSS
7.2AI Score
0.0004EPSS
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a...
8.8CVSS
8.5AI Score
0.004EPSS
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a...
6.5CVSS
6.8AI Score
0.001EPSS
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a...
6.5CVSS
7.3AI Score
0.002EPSS
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a...
6.5CVSS
7.2AI Score
0.002EPSS
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in...
5.5CVSS
5.6AI Score
0.001EPSS
5.5CVSS
5.3AI Score
0.001EPSS
5.5CVSS
5.6AI Score
0.001EPSS
5.5CVSS
5.6AI Score
0.001EPSS
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in...
5.5CVSS
5.6AI Score
0.001EPSS
5.5CVSS
5.3AI Score
0.001EPSS
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in...
5.5CVSS
5.6AI Score
0.001EPSS
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create...
8.1CVSS
7.7AI Score
0.003EPSS
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other...
7.5CVSS
7.7AI Score
0.003EPSS
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component...
6.5CVSS
6.5AI Score
0.002EPSS
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component...
6.5CVSS
6.3AI Score
0.003EPSS
An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other...
7.5CVSS
7.6AI Score
0.031EPSS
A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this...
8.8CVSS
8.7AI Score
0.009EPSS
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt...
7.5CVSS
7.5AI Score
0.005EPSS
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code...
7.8CVSS
7.7AI Score
0.001EPSS
A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G <...
7.8CVSS
7.6AI Score
0.001EPSS
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G <...
7.8CVSS
7.4AI Score
0.0004EPSS
A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G <...
7.8CVSS
7.4AI Score
0.0004EPSS
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the...
7.8CVSS
7.7AI Score
0.001EPSS
A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G <...
7.8CVSS
7.4AI Score
0.0004EPSS
A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G <...
7.8CVSS
7.5AI Score
0.001EPSS
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <...
7.8CVSS
7.3AI Score
0.0004EPSS
A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G <...
7.8CVSS
7.3AI Score
0.0004EPSS
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <...
7.8CVSS
7.6AI Score
0.001EPSS
A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G <...
7.8CVSS
7.4AI Score
0.0004EPSS
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <...
7.8CVSS
7.6AI Score
0.001EPSS
NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when...
7.8CVSS
8.1AI Score
0.001EPSS
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component...
7.5CVSS
7.1AI Score
0.002EPSS
A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G <...
7.8CVSS
7.3AI Score
0.0004EPSS
In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code...
7.8CVSS
7.9AI Score
0.001EPSS
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G <...
5.5CVSS
6AI Score
0.0004EPSS
A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G <...
7.8CVSS
7.4AI Score
0.0004EPSS
In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code...
7.8CVSS
7.9AI Score
0.001EPSS
NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of...
7.8CVSS
8AI Score
0.001EPSS
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered...
7.8CVSS
7.6AI Score
0.001EPSS
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of...
7.8CVSS
8AI Score
0.001EPSS
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay...
7.5CVSS
7AI Score
0.004EPSS
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for...
6.5CVSS
5.8AI Score
0.003EPSS
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through...
7CVSS
6.8AI Score
0.0004EPSS