Lucene search
K

17 matches found

OSV
OSV
added 2025/04/24 1:15 p.m.2 views

DEBIAN-CVE-2025-46420

A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...

6.5CVSS7AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 6:15 p.m.1 views

DEBIAN-CVE-2024-12088

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...

7.5CVSS7.6AI score0.04575EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 1:15 a.m.2 views

DEBIAN-CVE-2024-57639

An issue in the dceltsize component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.00551EPSS
Exploits1References1
OSV
OSV
added 2023/08/22 7:15 p.m.2 views

DEBIAN-CVE-2020-18781

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert...

5.5CVSS6.6AI score0.00264EPSS
Exploits1References1
OSV
OSV
added 2023/03/06 11:15 p.m.2 views

DEBIAN-CVE-2022-4904

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

8.6CVSS7.3AI score0.01232EPSS
Exploits1References1
OSV
OSV
added 2022/10/10 10:15 p.m.5 views

DEBIAN-CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

6.5CVSS6.8AI score0.0071EPSS
Exploits1References1
OSV
OSV
added 2022/09/19 5:15 p.m.5 views

DEBIAN-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS5.8AI score0.01413EPSS
Exploits1References1
OSV
OSV
added 2022/01/01 5:15 a.m.0 views

DEBIAN-CVE-2021-44716

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests...

7.5CVSS6.2AI score0.03958EPSS
Exploits0References1
OSV
OSV
added 2020/04/13 6:15 p.m.2 views

DEBIAN-CVE-2020-6433

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS6.5AI score0.01619EPSS
Exploits0References1
OSV
OSV
added 2019/11/18 5:15 p.m.2 views

DEBIAN-CVE-2019-10172

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes...

7.5CVSS6.4AI score0.17044EPSS
Exploits0References1
OSV
OSV
added 2018/01/04 1:29 p.m.1 views

DEBIAN-CVE-2017-5715

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

5.6CVSS7.4AI score0.74041EPSS
Exploits9References1
OSV
OSV
added 2007/12/13 7:46 p.m.2 views

DEBIAN-CVE-2007-6328

DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is not a security problem...

7.2CVSS6.5AI score0.00345EPSS
Exploits0References1
OSV
OSV
added 2007/10/04 4:17 p.m.1 views

DEBIAN-CVE-2007-5191

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...

7.2CVSS6.9AI score0.0044EPSS
Exploits0References1
OSV
OSV
added 2005/12/31 5:0 a.m.4 views

DEBIAN-CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...

5CVSS6.7AI score0.02301EPSS
Exploits1References1
OSV
OSV
added 2004/07/07 4:0 a.m.3 views

DEBIAN-CVE-2004-0422

flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack...

2.1CVSS6.3AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2003/07/24 4:0 a.m.3 views

DEBIAN-CVE-2003-0251

ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block...

5CVSS6.5AI score0.02691EPSS
Exploits0References1
NVD
NVD
added 2001/03/26 5:0 a.m.29 views

CVE-2001-0195

sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking...

7.8CVSS7.7AI score0.00302EPSS
Exploits0References2
Rows per page
Query Builder