CLSA-2023-1679924984 vim: Fix of CVE-2023-1170
CVE-2023-1170: adjust the cursor column if needed...
CLSA-2023-1678820960 vim: Fix of CVE-2023-1175
CVE-2023-1175: make sure "startspaces" is not negative...
CLSA-2023-1675985375 Fix CVE(s): CVE-2023-22809
SECURITY UPDATE: edit a file not permitted by the security policy - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include "--" - CVE-2023-22809...
CLSA-2022-1671124649 Fix CVE(s): CVE-2022-3591
SECURITY UPDATE: Dummy buffer ends up in a window - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy buffer - CVE-2022-3591...
CLSA-2022-1671124508 Fix CVE(s): CVE-2021-23222
SECURITY UPDATE: A man-in-the-middle attacker can inject false responses - debian/patches/CVE-2021-23222.patch: libpq: reject extraneous data after SSL or GSS encryption handshake - CVE-2021-23222...
CLSA-2022-1667495485 expat: Fix of CVE-2022-43680
CVE-2022-43680: Fix overeager DTD destruction...
CLSA-2022-1666011324 Fix CVE(s): CVE-2019-1010204, CVE-2017-17122
SECURITY UPDATE: integer overflow - debian/patches/CVE-2017-17122-pre1.patch: change bfd_get_size/bfd_get_file_size to ufile_ptr. - debian/patches/CVE-2017-17122.patch: stop objdump from attempting to allocate a huge chunk of memory when parsing relocs in a corrupt file. - CVE-2017-17122 SECURITY UPDAT...
CLSA-2022-1665428667 Fix CVE(s): CVE-2021-32027
SECURITY UPDATE: Buffer overrun from integer overflow - debian/patches/CVE-2021-32027.patch: Prevent integer overflows in array subscripting calculations - CVE-2021-32027...
CLSA-2022-1664475166 Fix CVE(s): CVE-2022-38177, CVE-2022-2795
SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctx_getaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 SECURITY UPDATE: memory leak -...
CLSA-2022-1659636700 Fix CVE(s): CVE-2022-21515
SECURITY UPDATE: Update to 5.7.39 to fix security issues - CVE-2022-21515 - debian/patches/disabletests.patch: added new failing test with 5.7.39...
CLSA-2022-1658856539 Fix CVE(s): CVE-2022-2289, CVE-2022-2304
SECURITY UPDATE: Accessing freed memory with diff put - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no longer valid - CVE-2022-2289 SECURITY UPDATE: Spell dump may go beyond end of an array - debian/patches/CVE-2022-2304.patch: Limit the word length - CVE-2022-2304...
CLSA-2022-1657814447 Fix CVE(s): CVE-2021-23214
SECURITY UPDATE: MITM attack introducing arbitrary SQL queries - debian/patches/CVE-2021-23214.patch: Raise error if data was received during SSL handshake - CVE-2021-23214...
CLSA-2022-1649348075 Fix CVE(s): CVE-2021-4189
SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in response in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189...
CLSA-2022-1649331579 Fix of CVE: CVE-2021-25220
CVE-2021-25220: fix possible cache poisoning from forwarder responses...
CLSA-2022-1649170553 Fix CVE(s): CVE-2021-4189
SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in response in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189...
CLSA-2022-1647550603 Fix CVE(s): CVE-2022-0778
SECURITY UPDATE: Infinite loop in BN_mod_sqrt - debian/patches/CVE-2022-0778.patch: fix infinite loop in crypto/bn/bn_sqrt.c. - CVE-2022-0778...
CLSA-2022-1642429251 Fix CVE(s):
Security update for Ubuntu 16.04...
CLSA-2021-1639681859 Fix CVE(s): CVE-2021-3927, CVE-2021-3928
SECURITY UPDATE: Fix heap-based buffer overflow when reading character past end of line - debian/patches/CVE-2021-3927.patch: Correct the cursor column in src/ex_docmd.c. - CVE-2021-3927 SECURITY UPDATE: Fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestion...
CLSA-2021-1635459213 Fix CVE(s): CVE-2021-33574, CVE-2021-38604, CVE-2021-35942
debian/patches/any/add-pthread-attr-copy.patch: adopt pthread_attr_copy functionality. debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. SECURITY UPDATE: Use-after-free in mq_notify - debian/patches/any/CVE-2021-33574.patch: use pthread_attr_copy to completely duplicate...
CLSA-2021-1635430310 Fix CVE(s): CVE-2017-20005
SECURITY UPDATE: Fix buffer overflow for years that exceed four digits. - debian/patches/CVE-2017-20005.patch - CVE-2017-20005...