Lucene search

K
DebianDebian Linux

9134 matches found

CVE
CVE
added 2021/03/10 8:15 a.m.489 views

CVE-2020-13936

An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Ve...

9CVSS8.9AI score0.10882EPSS
CVE
CVE
added 2020/01/08 8:15 p.m.488 views

CVE-2019-11745

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR <...

8.8CVSS8.7AI score0.0062EPSS
CVE
CVE
added 2021/07/20 12:15 p.m.488 views

CVE-2021-22235

Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file

7.5CVSS7.4AI score0.00344EPSS
CVE
CVE
added 2022/11/23 8:15 p.m.488 views

CVE-2022-41946

pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setText(int, InputStream) or PreparedStatemet.setBytea(int, InputStream) will create a temporary file if the InputStream is larger than 2k. This will create a temporary file whi...

5.5CVSS5.2AI score0.00042EPSS
CVE
CVE
added 2022/12/05 10:15 p.m.488 views

CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1,

8.1CVSS8.4AI score0.00639EPSS
CVE
CVE
added 2018/08/03 1:29 p.m.486 views

CVE-2018-14883

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

7.5CVSS7.5AI score0.12006EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.486 views

CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of ...

8.1CVSS7.7AI score0.06081EPSS
CVE
CVE
added 2023/06/01 5:15 p.m.486 views

CVE-2023-32324

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function format_log_line could allow remote attackers to cause a Do...

7.5CVSS6.8AI score0.00282EPSS
CVE
CVE
added 2017/08/28 7:29 p.m.484 views

CVE-2017-3735

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

5.3CVSS6.1AI score0.26744EPSS
CVE
CVE
added 2018/10/30 12:29 p.m.484 views

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0....

5.9CVSS5.9AI score0.04261EPSS
CVE
CVE
added 2020/02/06 1:15 a.m.484 views

CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1CVSS7AI score0.00036EPSS
CVE
CVE
added 2021/10/04 5:15 p.m.484 views

CVE-2021-41103

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory con...

7.8CVSS6.8AI score0.00066EPSS
CVE
CVE
added 2024/04/16 10:15 p.m.484 views

CVE-2024-21096

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to...

4.9CVSS5.9AI score0.00097EPSS
CVE
CVE
added 2023/10/11 12:15 p.m.483 views

CVE-2023-44981

Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The...

9.1CVSS9.3AI score0.00027EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.482 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

9.8CVSS9.4AI score0.00934EPSS
CVE
CVE
added 2022/03/13 12:15 a.m.482 views

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

5.6CVSS6.4AI score0.00143EPSS
CVE
CVE
added 2023/09/30 8:15 p.m.482 views

CVE-2023-44488

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

7.5CVSS7.9AI score0.00689EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.481 views

CVE-2016-9840

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

8.8CVSS9.6AI score0.0726EPSS
CVE
CVE
added 2019/10/18 9:15 p.m.481 views

CVE-2019-18197

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be discl...

7.5CVSS7.6AI score0.0154EPSS
CVE
CVE
added 2020/01/16 11:15 p.m.481 views

CVE-2020-7039

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.

6.8CVSS6.7AI score0.0102EPSS
CVE
CVE
added 2019/05/10 10:29 p.m.480 views

CVE-2019-11884

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

3.3CVSS5.6AI score0.0008EPSS
CVE
CVE
added 2020/06/09 1:15 p.m.480 views

CVE-2020-10757

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

7.8CVSS7.5AI score0.00569EPSS
CVE
CVE
added 2020/09/15 8:15 p.m.480 views

CVE-2020-14314

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system a...

5.5CVSS5.9AI score0.00012EPSS
CVE
CVE
added 2020/02/10 9:56 p.m.480 views

CVE-2020-8840

FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.

9.8CVSS9.3AI score0.08164EPSS
In wildWeb
CVE
CVE
added 2022/03/03 11:15 p.m.480 views

CVE-2021-3640

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. ...

7CVSS7.1AI score0.00005EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.480 views

CVE-2023-21954

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vuln...

5.9CVSS6.1AI score0.00053EPSS
CVE
CVE
added 2019/06/24 5:15 p.m.478 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05817EPSS
CVE
CVE
added 2019/01/11 2:29 p.m.478 views

CVE-2019-6133

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

6.7CVSS6.2AI score0.00014EPSS
CVE
CVE
added 2020/03/31 5:15 a.m.478 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

8.8CVSS8.3AI score0.60714EPSS
CVE
CVE
added 2021/01/26 6:16 p.m.478 views

CVE-2021-3114

In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.

6.5CVSS7AI score0.00043EPSS
CVE
CVE
added 2023/09/12 8:15 p.m.478 views

CVE-2023-4921

A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of s...

7.8CVSS7.9AI score0.00013EPSS
CVE
CVE
added 2021/03/07 5:15 a.m.477 views

CVE-2021-27364

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

7.1CVSS7AI score0.00041EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.476 views

CVE-2018-10548

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

7.5CVSS6.2AI score0.54396EPSS
CVE
CVE
added 2019/08/14 5:15 p.m.476 views

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary cipher...

8.1CVSS8.4AI score0.03146EPSS
CVE
CVE
added 2021/05/24 6:15 p.m.476 views

CVE-2020-26558

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiati...

4.3CVSS6.1AI score0.00025EPSS
CVE
CVE
added 2021/02/08 8:15 p.m.476 views

CVE-2021-21290

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multip...

6.2CVSS6.2AI score0.00017EPSS
CVE
CVE
added 2022/05/09 6:15 p.m.476 views

CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

7.5CVSS7.8AI score0.00469EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.476 views

CVE-2023-21939

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vuln...

5.3CVSS5.7AI score0.0149EPSS
CVE
CVE
added 2020/03/02 4:15 a.m.475 views

CVE-2020-9548

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

9.8CVSS9.1AI score0.70373EPSS
CVE
CVE
added 2022/01/18 5:15 p.m.475 views

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges ...

7CVSS6.9AI score0.00016EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.475 views

CVE-2022-21426

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerab...

5.3CVSS5.3AI score0.00055EPSS
CVE
CVE
added 2023/12/24 6:15 a.m.475 views

CVE-2023-51766

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but som...

5.3CVSS5.3AI score0.00966EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.474 views

CVE-2019-19527

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.

7.2CVSS7.4AI score0.00027EPSS
CVE
CVE
added 2021/05/27 12:15 p.m.474 views

CVE-2021-28651

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a l...

7.5CVSS7.3AI score0.03306EPSS
CVE
CVE
added 2020/02/07 3:15 p.m.473 views

CVE-2019-15605

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

9.8CVSS9.5AI score0.32252EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.473 views

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to con...

7.9CVSS7.2AI score0.00031EPSS
CVE
CVE
added 2017/11/16 2:29 a.m.472 views

CVE-2017-8807

vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore tra...

9.1CVSS8.8AI score0.01748EPSS
CVE
CVE
added 2019/04/23 10:29 p.m.472 views

CVE-2019-11487

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/h...

7.8CVSS8AI score0.00059EPSS
CVE
CVE
added 2019/07/10 2:15 p.m.471 views

CVE-2019-13224

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

9.8CVSS9.9AI score0.00634EPSS
CVE
CVE
added 2019/11/13 2:15 p.m.471 views

CVE-2019-18397

A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an applic...

7.8CVSS8AI score0.00807EPSS
Total number of security vulnerabilities9134