Lucene search

K
DebianDebian Linux

9134 matches found

CVE
CVE
added 2019/09/19 6:15 p.m.578 views

CVE-2019-14821

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->...

8.8CVSS9AI score0.00053EPSS
Web
CVE
CVE
added 2020/02/27 9:15 p.m.578 views

CVE-2020-7063

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissio...

5.5CVSS7.3AI score0.0034EPSS
CVE
CVE
added 2022/11/22 2:15 a.m.578 views

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execut...

9.8CVSS9.4AI score0.00462EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.576 views

CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

9.8CVSS9.9AI score0.11868EPSS
CVE
CVE
added 2021/01/04 6:15 p.m.575 views

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

7.1CVSS6.8AI score0.0068EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.574 views

CVE-2018-10545

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensit...

4.7CVSS5.5AI score0.00114EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.574 views

CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parse...

7.5CVSS8.3AI score0.03002EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.574 views

CVE-2020-7062

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that doe...

7.5CVSS8.4AI score0.00695EPSS
CVE
CVE
added 2020/04/15 8:15 p.m.573 views

CVE-2019-12519

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the s...

9.8CVSS9.2AI score0.08996EPSS
CVE
CVE
added 2025/03/11 2:15 p.m.573 views

CVE-2025-27363

An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a ...

8.1CVSS8.3AI score0.67143EPSS
In wildWeb
CVE
CVE
added 2020/10/29 8:15 p.m.572 views

CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

5.5CVSS5.9AI score0.00421EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.571 views

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00584EPSS
CVE
CVE
added 2021/03/19 3:15 a.m.571 views

CVE-2021-27928

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database S...

9CVSS7.4AI score0.53682EPSS
CVE
CVE
added 2023/03/28 7:15 p.m.571 views

CVE-2022-0194

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of...

9.8CVSS9.5AI score0.08168EPSS
CVE
CVE
added 2023/08/01 5:15 p.m.571 views

CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

5.5CVSS6.3AI score0.0002EPSS
CVE
CVE
added 2022/05/04 8:15 p.m.569 views

CVE-2022-29155

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.

9.8CVSS9.5AI score0.20934EPSS
CVE
CVE
added 2017/07/13 1:29 p.m.568 views

CVE-2017-11103

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version store...

8.1CVSS7.9AI score0.05766EPSS
CVE
CVE
added 2019/05/03 8:29 p.m.568 views

CVE-2019-11036

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

9.1CVSS7AI score0.00903EPSS
CVE
CVE
added 2023/03/28 7:15 p.m.568 views

CVE-2022-23125

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate t...

9.8CVSS9.5AI score0.22337EPSS
CVE
CVE
added 2018/03/13 4:29 p.m.567 views

CVE-2018-1057

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

8.8CVSS8.3AI score0.05572EPSS
CVE
CVE
added 2019/03/21 9:29 p.m.567 views

CVE-2019-3855

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

9.3CVSS8.7AI score0.11667EPSS
CVE
CVE
added 2019/09/17 4:15 p.m.566 views

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migratio...

7.8CVSS8.3AI score0.00052EPSS
CVE
CVE
added 2021/05/12 3:15 p.m.566 views

CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.

7.5CVSS7.5AI score0.15679EPSS
CVE
CVE
added 2021/04/08 9:15 p.m.566 views

CVE-2021-29154

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

7.8CVSS8AI score0.00035EPSS
CVE
CVE
added 2021/05/14 8:15 p.m.566 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS7AI score0.00127EPSS
In wild
CVE
CVE
added 2023/09/15 8:15 p.m.566 views

CVE-2023-40167

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests w...

5.3CVSS5.5AI score0.02409EPSS
CVE
CVE
added 2021/02/09 8:15 p.m.565 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

9.8CVSS9.6AI score0.02927EPSS
CVE
CVE
added 2014/05/07 10:55 a.m.564 views

CVE-2014-0196

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition in...

6.9CVSS6.3AI score0.61195EPSS
In wild
CVE
CVE
added 2019/10/04 12:15 p.m.564 views

CVE-2019-17133

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

9.8CVSS9AI score0.00814EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.564 views

CVE-2020-14765

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to comprom...

6.8CVSS6.4AI score0.01358EPSS
CVE
CVE
added 2021/05/14 11:15 p.m.563 views

CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

7.8CVSS7.5AI score0.00183EPSS
CVE
CVE
added 2022/10/19 12:15 p.m.562 views

CVE-2022-39260

Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the comm...

8.8CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2019/10/31 9:15 p.m.560 views

CVE-2019-5010

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted cer...

7.5CVSS8.2AI score0.02754EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.557 views

CVE-2018-10547

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomple...

6.1CVSS7.2AI score0.85775EPSS
CVE
CVE
added 2021/07/12 3:15 p.m.557 views

CVE-2021-33037

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer e...

5.3CVSS6.1AI score0.02307EPSS
CVE
CVE
added 2022/10/02 5:15 a.m.556 views

CVE-2022-42004

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.

7.5CVSS7.5AI score0.00202EPSS
CVE
CVE
added 2018/03/13 4:29 p.m.555 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

4.3CVSS6.2AI score0.2411EPSS
CVE
CVE
added 2019/04/09 4:29 p.m.554 views

CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions befor...

5.5CVSS5.6AI score0.02695EPSS
CVE
CVE
added 2021/10/26 3:15 p.m.553 views

CVE-2021-41183

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various *Text options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various *Text options are now alway...

6.5CVSS6.5AI score0.02663EPSS
CVE
CVE
added 2021/10/02 12:15 a.m.553 views

CVE-2021-41864

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.

7.8CVSS7.5AI score0.00034EPSS
CVE
CVE
added 2022/09/05 10:15 a.m.553 views

CVE-2022-38749

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

6.5CVSS7.7AI score0.00529EPSS
CVE
CVE
added 2018/12/21 9:29 p.m.552 views

CVE-2018-20346

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statem...

8.1CVSS8.4AI score0.16791EPSS
CVE
CVE
added 2021/04/29 6:15 p.m.552 views

CVE-2020-18032

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.

7.8CVSS8AI score0.00408EPSS
CVE
CVE
added 2023/08/07 2:15 p.m.552 views

CVE-2023-4194

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a09...

5.5CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2022/09/23 2:15 p.m.551 views

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.

3.7CVSS4.7AI score0.00082EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.551 views

CVE-2023-5363

Issue summary: A bug has been identified in the processing of key andinitialisation vector (IV) lengths. This can lead to potential truncationor overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness,which could result in lo...

7.5CVSS7.5AI score0.0108EPSS
CVE
CVE
added 2021/06/07 1:15 p.m.550 views

CVE-2021-22222

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file

7.5CVSS7.4AI score0.00399EPSS
CVE
CVE
added 2019/09/04 7:15 p.m.549 views

CVE-2019-15917

An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.

7CVSS7.4AI score0.00087EPSS
CVE
CVE
added 2023/02/14 7:15 p.m.549 views

CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some he...

9.1CVSS8.9AI score0.1722EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.548 views

CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

7.8CVSS7.6AI score0.03213EPSS
Web
Total number of security vulnerabilities9134