Debian Linux Security Vulnerabilities
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
5.5CVSS
6.5AI Score
0.0005EPSS
An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option. ...
7.5CVSS
7.4AI Score
0.002EPSS
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
8.8CVSS
8.7AI Score
0.006EPSS
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
7.8CVSS
7.9AI Score
0.001EPSS
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.
5.5CVSS
5.4AI Score
0.001EPSS
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
7.8CVSS
7.5AI Score
0.0004EPSS
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.
7.8CVSS
7.8AI Score
0.001EPSS
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
7.8CVSS
7.2AI Score
0.001EPSS
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.
5.5CVSS
6.1AI Score
0.0004EPSS
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
7.8CVSS
7.2AI Score
0.002EPSS
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.
7.8CVSS
7.8AI Score
0.002EPSS
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer.
7.8CVSS
7.6AI Score
0.001EPSS
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some exte...
7.8CVSS
7.5AI Score
0.001EPSS
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer.
7.8CVSS
7.6AI Score
0.001EPSS
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOpsQPainterPath::Element ::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
5.5CVSS
5.5AI Score
0.001EPSS
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
5.5CVSS
5.8AI Score
0.001EPSS
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
5.5CVSS
5.8AI Score
0.001EPSS
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
5.5CVSS
5.5AI Score
0.001EPSS
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
5.5CVSS
5.7AI Score
0.001EPSS
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
5.5CVSS
5.8AI Score
0.001EPSS
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
8.8CVSS
9.1AI Score
0.01EPSS
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data.
7.1CVSS
7AI Score
0.001EPSS
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
5.5CVSS
5.2AI Score
0.001EPSS
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
5.5CVSS
5.2AI Score
0.001EPSS
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.
6.1CVSS
5.7AI Score
0.004EPSS
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
7.5CVSS
7.2AI Score
0.005EPSS
options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.
5.3CVSS
5.3AI Score
0.001EPSS
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
6.5CVSS
6.6AI Score
0.02EPSS
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.
7.8CVSS
7.6AI Score
0.001EPSS
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
7.5CVSS
7.3AI Score
0.005EPSS
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
7.8CVSS
7.8AI Score
0.001EPSS
res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrenc...
6.5CVSS
6.3AI Score
0.008EPSS
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
9.1CVSS
9.3AI Score
0.004EPSS
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
7.8CVSS
7.5AI Score
0.0004EPSS
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
5.5CVSS
6.1AI Score
0.0004EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of...
9.8CVSS
9.5AI Score
0.029EPSS
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
8.8CVSS
8.1AI Score
0.001EPSS
6.6CVSS
6.5AI Score
0.001EPSS
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
6.1CVSS
6.6AI Score
0.004EPSS
7.8CVSS
8.6AI Score
0.001EPSS
9.8CVSS
9.2AI Score
0.011EPSS
5.5CVSS
6.1AI Score
0.001EPSS
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.002EPSS
7.8CVSS
8.1AI Score
0.001EPSS
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.5AI Score
0.002EPSS
7.8CVSS
7.6AI Score
0.002EPSS
7.8CVSS
7.6AI Score
0.001EPSS