Lucene search
Debiancve | Most viewed

60161 matches found

Debian CVE • added 2022/08/05 3:11 p.m. • 40 views

CVE-2022-2303

Removed by vendor...

CVSS 4.3 | AI score 5.8 | EPSS 0.00624 | Exploits 0

Debian CVE • added 2022/08/03 12:0 a.m. • 40 views

CVE-2022-31197

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...

CVSS 8 | AI score 7 | EPSS 0.01662 | Exploits 1

Debian CVE • added 2022/08/02 12:0 a.m. • 40 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In bgpnotifysendwithdata and bgpprocesspacket in bgppacket.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

CVSS 8.1 | AI score 8.1 | EPSS 0.01923 | Exploits 1

Debian CVE • added 2022/07/28 12:41 a.m. • 40 views

CVE-2022-2164

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page...

CVSS 6.3 | AI score 7.2 | EPSS 0.00526 | Exploits 0

Debian CVE • added 2022/07/27 9:18 p.m. • 40 views

CVE-2022-1866

Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions...

CVSS 8.8 | AI score 9.7 | EPSS 0.00708 | Exploits 0

Debian CVE • added 2022/07/27 9:16 p.m. • 40 views

CVE-2022-1857

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page...

CVSS 8.8 | AI score 8.6 | EPSS 0.0071 | Exploits 0

Debian CVE • added 2022/07/26 9:35 p.m. • 40 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3 | AI score 5.8 | EPSS 0.00708 | Exploits 1

Debian CVE • added 2022/07/26 9:30 p.m. • 40 views

CVE-2022-1477

Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 9.5 | EPSS 0.00889 | Exploits 1

Debian CVE • added 2022/07/22 11:37 p.m. • 40 views

CVE-2022-1132

Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device...

CVSS 6.1 | AI score 7.2 | EPSS 0.00282 | Exploits 1

Debian CVE • added 2022/07/22 2:17 p.m. • 40 views

CVE-2022-34520

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function rbinfilextrloadbuffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service DOS via a crafted binary file...

CVSS 5.5 | AI score 5.2 | EPSS 0.00284 | Exploits 1

Debian CVE • added 2022/07/20 12:0 a.m. • 40 views

CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

CVSS 7.5 | AI score 7.6 | EPSS 0.02088 | Exploits 0

Debian CVE • added 2022/07/19 9:7 p.m. • 40 views

CVE-2022-21556

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 6.5 | AI score 6.7 | EPSS 0.01147 | Exploits 0

Debian CVE • added 2022/07/19 9:6 p.m. • 40 views

CVE-2022-21515

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 4.9 | AI score 5.3 | EPSS 0.01418 | Exploits 0

Debian CVE • added 2022/07/19 7:10 p.m. • 40 views

CVE-2022-1925

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gstmatroskadecompressdata function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however t...

CVSS 7.8 | AI score 7.8 | EPSS 0.00445 | Exploits 1

Debian CVE • added 2022/07/13 8:49 p.m. • 40 views

CVE-2022-32117

Removed by vendor...

CVSS 7.8 | AI score 7.7 | EPSS 0.00318 | Exploits 1

Debian CVE • added 2022/07/06 12:0 a.m. • 40 views

CVE-2022-33980

Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the...

CVSS 9.8 | AI score 8.3 | EPSS 0.34819 | Exploits 3

Debian CVE • added 2022/07/05 5:35 p.m. • 40 views

CVE-2022-31116

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly decode certain characters. JSON strings that contain escaped surrogate characters not part of a proper surrogate pair were decoded incorrectly. Besides corrupti...

CVSS 7.5 | AI score 7.6 | EPSS 0.02283 | Exploits 1

Debian CVE • added 2022/07/01 3:48 p.m. • 40 views

CVE-2022-2281

Removed by vendor...

CVSS 5.3 | AI score 6 | EPSS 0.00846 | Exploits 0

Debian CVE • added 2022/06/30 12:42 p.m. • 40 views

CVE-2022-1852

A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...

CVSS 5.5 | AI score 5.9 | EPSS 0.00304 | Exploits 0

Debian CVE • added 2022/06/22 1:13 p.m. • 40 views

CVE-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID...

CVSS 7.5 | AI score 7.5 | EPSS 0.03045 | Exploits 1

Debian CVE • added 2022/06/15 1:0 p.m. • 40 views

CVE-2022-20132

In lgprobe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User...

CVSS 4.9 | AI score 5.9 | EPSS 0.00198 | Exploits 0

Debian CVE • added 2022/06/14 10:22 a.m. • 40 views

CVE-2021-40633

A memory leak out-of-memory in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file...

CVSS 8.8 | AI score 8.4 | EPSS 0.01533 | Exploits 1

Debian CVE • added 2022/06/08 12:32 p.m. • 40 views

CVE-2022-30552

Das U-Boot 2022.01 has a Buffer Overflow...

CVSS 5.5 | AI score 6.5 | EPSS 0.00439 | Exploits 0

Debian CVE • added 2022/05/27 9:10 p.m. • 40 views

CVE-2022-31782

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow...

CVSS 7.8 | AI score 7.8 | EPSS 0.00699 | Exploits 0

Debian CVE • added 2022/05/26 12:0 a.m. • 40 views

CVE-2022-30787

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

CVSS 6.7 | AI score 7 | EPSS 0.00417 | Exploits 0

Debian CVE • added 2022/05/25 11:19 a.m. • 41 views

CVE-2022-30323

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0...

CVSS 8.6 | AI score 7 | EPSS 0.01279 | Exploits 0

Debian CVE • added 2022/05/24 6:30 p.m. • 40 views

CVE-2021-42614

A use after free in infowidthinternal in bkinfo.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document...

CVSS 7.8 | AI score 8.1 | EPSS 0.00826 | Exploits 1

Debian CVE • added 2022/05/24 6:16 p.m. • 40 views

CVE-2021-42613

A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...

CVSS 7.8 | AI score 7.8 | EPSS 0.00826 | Exploits 1

Debian CVE • added 2022/05/17 12:0 a.m. • 40 views

CVE-2022-30067

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash...

CVSS 5.5 | AI score 6.3 | EPSS 0.00721 | Exploits 1

Debian CVE • added 2022/05/11 1:10 p.m. • 40 views

CVE-2022-29977

There is an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

CVSS 6.5 | AI score 6.2 | EPSS 0.0097 | Exploits 1

Debian CVE • added 2022/05/08 12:0 a.m. • 40 views

CVE-2022-1619

Heap-based Buffer Overflow in function cmdlineerasechars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution...

CVSS 7.8 | AI score 7.4 | EPSS 0.02481 | Exploits 1

Debian CVE • added 2022/05/07 12:0 a.m. • 40 views

CVE-2022-1616

Use after free in appendcommand in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution...

CVSS 7.8 | AI score 7.4 | EPSS 0.02645 | Exploits 1

Debian CVE • added 2022/05/06 8:5 p.m. • 40 views

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file e.g. when an online profile...

CVSS 9.8 | AI score 9.6 | EPSS 0.00995 | Exploits 0

Debian CVE • added 2022/05/06 12:5 p.m. • 40 views

CVE-2022-24823

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

CVSS 5.5 | AI score 6.7 | EPSS 0.01044 | Exploits 1

Debian CVE • added 2022/04/29 3:38 p.m. • 40 views

CVE-2022-1114

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service...

CVSS 7.1 | AI score 6.6 | EPSS 0.01113 | Exploits 0

Debian CVE • added 2022/04/25 12:48 p.m. • 40 views

CVE-2022-27135

xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service Segmentation fault or other unspecified effects by sending a crafted PDF file to the pdftoppm binary...

CVSS 5.5 | AI score 5.6 | EPSS 0.00974 | Exploits 1

Debian CVE • added 2022/04/21 12:0 a.m. • 40 views

CVE-2022-1420

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774...

CVSS 6.8 | AI score 6.6 | EPSS 0.01418 | Exploits 1

Debian CVE • added 2022/04/19 8:37 p.m. • 40 views

CVE-2022-21435

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 4.9 | AI score 5.8 | EPSS 0.01266 | Exploits 0

Debian CVE • added 2022/04/18 12:0 a.m. • 40 views

CVE-2022-29458

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in tinfo/readentry.c in the terminfo library...

CVSS 7.1 | AI score 6.4 | EPSS 0.01297 | Exploits 1

Debian CVE • added 2022/04/18 12:0 a.m. • 40 views

CVE-2022-24859

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

CVSS 6.2 | AI score 5.8 | EPSS 0.01279 | Exploits 1

Debian CVE • added 2022/04/15 5:44 p.m. • 40 views

CVE-2021-44498

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, attackers can cause a type to be incorrectly initialized in the function fincr in srport/fincr.c and cause a crash due to a NULL pointer dereference...

CVSS 7.5 | AI score 7.4 | EPSS 0.01598 | Exploits 0

Debian CVE • added 2022/04/13 6:25 p.m. • 40 views

CVE-2021-41119

Removed by vendor...

CVSS 7.5 | AI score 7.5 | EPSS 0.01544 | Exploits 1

Debian CVE • added 2022/04/12 7:14 p.m. • 40 views

CVE-2022-27383

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component mystrcasecmp8bit, which is exploited via specially crafted SQL statements...

CVSS 7.5 | AI score 8 | EPSS 0.02097 | Exploits 1

Debian CVE • added 2022/04/06 1:7 a.m. • 40 views

CVE-2022-26110

An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon...

CVSS 8.8 | AI score 8.7 | EPSS 0.015 | Exploits 0

Debian CVE • added 2022/04/02 7:45 a.m. • 40 views

CVE-2022-1201

NULL Pointer Dereference in mrbvmexec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system...

CVSS 7.1 | AI score 6.5 | EPSS 0.00363 | Exploits 1

Debian CVE • added 2022/04/01 12:0 a.m. • 40 views

CVE-2022-26562

Removed by vendor...

CVSS 9.8 | AI score 9.3 | EPSS 0.02121 | Exploits 1

Debian CVE • added 2022/03/30 12:0 a.m. • 40 views

CVE-2022-24763

PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds...

CVSS 7.5 | AI score 8.1 | EPSS 0.02039 | Exploits 0

Debian CVE • added 2022/03/25 6:2 p.m. • 40 views

CVE-2021-3582

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMACMDCREATEMR" command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this...

CVSS 6.5 | AI score 6.7 | EPSS 0.00386 | Exploits 1

Debian CVE • added 2022/03/23 12:0 a.m. • 40 views

CVE-2021-28278

A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c...

CVSS 7.8 | AI score 7.6 | EPSS 0.00857 | Exploits 1

Debian CVE • added 2022/03/18 5:59 p.m. • 40 views

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information...

CVSS 6.5 | AI score 2.3 | EPSS 0.00815 | Exploits 0

Total number of security vulnerabilities: 5000