Lucene search

K
DebianDebian Linux

9127 matches found

CVE
CVE
added 2018/11/15 9:29 p.m.602 views

CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

4.7CVSS5.6AI score0.00589EPSS
CVE
CVE
added 2020/09/30 6:15 p.m.602 views

CVE-2020-26137

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.

6.5CVSS7.2AI score0.00579EPSS
CVE
CVE
added 2018/02/16 5:29 p.m.600 views

CVE-2017-18190

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS serv...

7.5CVSS7.8AI score0.007EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.598 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.05634EPSS
CVE
CVE
added 2021/03/29 2:15 p.m.597 views

CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

7.2CVSS5.6AI score0.00968EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.596 views

CVE-2022-39253

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone a...

5.5CVSS6.5AI score0.03252EPSS
Web
CVE
CVE
added 2023/09/06 2:15 p.m.596 views

CVE-2023-4206

A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem w...

7.8CVSS7.7AI score0.00051EPSS
CVE
CVE
added 2023/09/06 2:15 p.m.595 views

CVE-2023-4622

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() ...

7.8CVSS7.7AI score0.00034EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.594 views

CVE-2018-10858

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

8.8CVSS7.1AI score0.07048EPSS
CVE
CVE
added 2023/08/23 12:15 a.m.594 views

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.07638EPSS
Web
CVE
CVE
added 2023/09/06 2:15 p.m.594 views

CVE-2023-4623

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() wi...

7.8CVSS7.9AI score0.00017EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.593 views

CVE-2018-10549

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.

8.8CVSS7.8AI score0.02232EPSS
CVE
CVE
added 2020/07/30 1:15 p.m.592 views

CVE-2020-10713

A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access t...

8.2CVSS8.6AI score0.00259EPSS
CVE
CVE
added 2019/10/17 2:15 a.m.591 views

CVE-2019-17666

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

8.8CVSS8.9AI score0.00479EPSS
CVE
CVE
added 2019/07/10 7:15 p.m.590 views

CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due t...

9.8CVSS9.6AI score0.21398EPSS
CVE
CVE
added 2023/05/22 11:15 a.m.590 views

CVE-2023-28709

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted th...

7.5CVSS7.3AI score0.41119EPSS
CVE
CVE
added 2020/01/21 11:15 p.m.589 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

7.5CVSS7.6AI score0.00506EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.588 views

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird

7.5CVSS7.2AI score0.84964EPSS
In wild
CVE
CVE
added 2019/01/16 8:29 p.m.588 views

CVE-2017-3145

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, ...

7.5CVSS7.7AI score0.05766EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.588 views

CVE-2020-24587

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames an...

2.6CVSS6.2AI score0.00344EPSS
In wild
CVE
CVE
added 2020/04/15 2:15 p.m.588 views

CVE-2020-2812

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc...

4.9CVSS5.2AI score0.00115EPSS
CVE
CVE
added 2020/08/31 6:15 p.m.587 views

CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to...

5CVSS6.6AI score0.11636EPSS
CVE
CVE
added 2021/11/15 4:15 a.m.587 views

CVE-2021-43618

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.

7.5CVSS7.7AI score0.00501EPSS
CVE
CVE
added 2023/06/06 12:15 p.m.587 views

CVE-2023-33460

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

6.5CVSS6.5AI score0.00119EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.585 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.06403EPSS
Web
CVE
CVE
added 2023/12/08 6:15 a.m.584 views

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such acce...

6.3CVSS6.9AI score0.23924EPSS
Web
CVE
CVE
added 2022/08/30 5:15 a.m.583 views

CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.

7.5CVSS8.8AI score0.00299EPSS
CVE
CVE
added 2018/09/25 12:29 a.m.582 views

CVE-2018-14647

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming la...

7.5CVSS7.5AI score0.01909EPSS
CVE
CVE
added 2020/11/16 1:15 a.m.582 views

CVE-2020-25695

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest thre...

8.8CVSS7.2AI score0.23343EPSS
CVE
CVE
added 2019/10/21 5:15 a.m.581 views

CVE-2019-18218

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.8CVSS8AI score0.00187EPSS
CVE
CVE
added 2019/06/03 7:29 p.m.581 views

CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

8.8CVSS9.1AI score0.00398EPSS
CVE
CVE
added 2018/10/06 2:29 p.m.579 views

CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

9.8CVSS9.3AI score0.6576EPSS
Web
CVE
CVE
added 2020/05/15 6:15 p.m.579 views

CVE-2020-12888

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.3CVSS6AI score0.00029EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.577 views

CVE-2019-2529

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

6.5CVSS6.2AI score0.00295EPSS
CVE
CVE
added 2020/06/04 4:15 p.m.575 views

CVE-2020-13692

PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.

7.7CVSS7.5AI score0.02469EPSS
CVE
CVE
added 2024/01/16 10:15 p.m.575 views

CVE-2024-20918

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM ...

7.4CVSS7.1AI score0.00255EPSS
CVE
CVE
added 2021/03/30 9:15 p.m.574 views

CVE-2021-29650

An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf...

5.5CVSS6.1AI score0.00024EPSS
CVE
CVE
added 2018/04/06 1:29 p.m.573 views

CVE-2018-1000156

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE...

7.8CVSS7.8AI score0.42803EPSS
CVE
CVE
added 2019/09/19 6:15 p.m.573 views

CVE-2019-14821

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->...

8.8CVSS9AI score0.00046EPSS
CVE
CVE
added 2021/01/04 6:15 p.m.572 views

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

7.1CVSS6.8AI score0.0068EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.571 views

CVE-2022-41742

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might re...

7.1CVSS7AI score0.00072EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.570 views

CVE-2020-7063

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissio...

5.5CVSS7.3AI score0.0034EPSS
CVE
CVE
added 2022/02/24 3:15 p.m.570 views

CVE-2022-25636

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

7.8CVSS7.4AI score0.00436EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.569 views

CVE-2018-10545

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensit...

4.7CVSS5.5AI score0.00034EPSS
CVE
CVE
added 2020/04/15 8:15 p.m.569 views

CVE-2019-12519

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the s...

9.8CVSS9.2AI score0.08996EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.568 views

CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parse...

7.5CVSS8.3AI score0.03002EPSS
CVE
CVE
added 2020/10/29 8:15 p.m.568 views

CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

5.5CVSS5.9AI score0.00421EPSS
CVE
CVE
added 2023/03/28 7:15 p.m.568 views

CVE-2022-0194

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of...

9.8CVSS9.5AI score0.08168EPSS
CVE
CVE
added 2025/01/21 9:15 p.m.568 views

CVE-2025-21502

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...

4.8CVSS4.1AI score0.00024EPSS
CVE
CVE
added 2023/03/28 7:15 p.m.567 views

CVE-2022-23125

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate t...

9.8CVSS9.5AI score0.19282EPSS
Total number of security vulnerabilities9127