Lucene search

K
DebianDebian Linux

9134 matches found

CVE
CVE
added 2016/06/07 2:6 p.m.57 views

CVE-2015-7695

The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query.

9.8CVSS9.6AI score0.01232EPSS
CVE
CVE
added 2018/04/13 4:29 p.m.57 views

CVE-2017-0362

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

8.8CVSS8.6AI score0.00178EPSS
CVE
CVE
added 2017/08/29 10:29 p.m.57 views

CVE-2017-13755

In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls.

5.5CVSS5.4AI score0.00285EPSS
CVE
CVE
added 2017/09/03 8:29 p.m.57 views

CVE-2017-14122

unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.

9.1CVSS9.1AI score0.00569EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.57 views

CVE-2017-17845

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001.

7.5CVSS7.2AI score0.00508EPSS
CVE
CVE
added 2017/09/13 6:29 p.m.57 views

CVE-2017-2816

An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability.

8.8CVSS8.6AI score0.00747EPSS
CVE
CVE
added 2017/02/24 4:59 a.m.57 views

CVE-2017-6310

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker.

7.8CVSS7.5AI score0.00353EPSS
CVE
CVE
added 2017/03/18 8:59 p.m.57 views

CVE-2017-7178

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its init .py file and (2) causing the victim to download, install, and enable this plugin.

8.8CVSS8.3AI score0.01226EPSS
CVE
CVE
added 2017/12/03 7:29 a.m.57 views

CVE-2017-8823

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.

8.1CVSS7.8AI score0.00674EPSS
CVE
CVE
added 2018/05/20 8:29 p.m.57 views

CVE-2018-11319

Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to...

8.5CVSS7.6AI score0.01633EPSS
CVE
CVE
added 2018/08/04 1:29 a.m.57 views

CVE-2018-14593

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.

8.8CVSS8.5AI score0.00681EPSS
CVE
CVE
added 2018/01/25 10:29 p.m.57 views

CVE-2018-6315

The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.

8.8CVSS8.3AI score0.00725EPSS
CVE
CVE
added 2018/02/02 1:29 a.m.57 views

CVE-2018-6521

The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote attackers to bypass intended access restrictions.

9.8CVSS9.1AI score0.00585EPSS
CVE
CVE
added 2018/02/23 9:29 p.m.57 views

CVE-2018-7439

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function read_mini_biff_next_record.

8.8CVSS8.5AI score0.01006EPSS
CVE
CVE
added 2018/03/14 12:29 a.m.57 views

CVE-2018-8099

Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.

6.5CVSS5.8AI score0.00945EPSS
CVE
CVE
added 2018/04/03 10:29 p.m.57 views

CVE-2018-9240

ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur.

7.5CVSS7.2AI score0.00436EPSS
CVE
CVE
added 2020/11/30 7:15 p.m.57 views

CVE-2020-29394

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

7.8CVSS8.1AI score0.00596EPSS
CVE
CVE
added 2022/04/18 5:15 p.m.57 views

CVE-2020-35631

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of ...

10CVSS9.2AI score0.00318EPSS
CVE
CVE
added 2021/04/06 8:15 a.m.57 views

CVE-2020-36308

Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries.

5.3CVSS5.4AI score0.0045EPSS
CVE
CVE
added 2021/07/19 5:15 p.m.57 views

CVE-2020-36421

An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.

5.3CVSS6.9AI score0.0019EPSS
CVE
CVE
added 2021/07/19 5:15 p.m.57 views

CVE-2020-36424

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

4.7CVSS5.4AI score0.00085EPSS
CVE
CVE
added 2022/01/19 9:15 p.m.57 views

CVE-2021-23225

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.

5.4CVSS5.5AI score0.00651EPSS
CVE
CVE
added 2021/02/18 5:15 p.m.57 views

CVE-2021-27379

An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct....

7.8CVSS8.1AI score0.00076EPSS
CVE
CVE
added 2021/04/28 7:15 a.m.57 views

CVE-2021-31864

Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler.

5.3CVSS5.4AI score0.00217EPSS
CVE
CVE
added 2021/09/01 3:15 p.m.57 views

CVE-2021-36047

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

9.3CVSS7.5AI score0.00879EPSS
CVE
CVE
added 2021/09/01 3:15 p.m.57 views

CVE-2021-36054

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

5.5CVSS4.7AI score0.00245EPSS
CVE
CVE
added 2021/09/01 3:15 p.m.57 views

CVE-2021-36057

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of th...

4CVSS3.7AI score0.00062EPSS
CVE
CVE
added 2022/11/02 2:15 p.m.57 views

CVE-2022-43235

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

6.5CVSS7.3AI score0.00153EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.56 views

CVE-2001-0170

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

2.1CVSS6.8AI score0.00261EPSS
CVE
CVE
added 2003/07/02 4:0 a.m.56 views

CVE-2003-0367

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.

2.1CVSS6AI score0.00141EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.56 views

CVE-2004-1076

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.

7.2CVSS7.3AI score0.00098EPSS
CVE
CVE
added 2005/10/24 10:2 a.m.56 views

CVE-2005-3302

Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.

7.5CVSS7.3AI score0.04914EPSS
CVE
CVE
added 2007/10/30 10:46 p.m.56 views

CVE-2007-5730

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "N...

7.2CVSS7.2AI score0.00139EPSS
CVE
CVE
added 2008/07/25 4:41 p.m.56 views

CVE-2008-3325

Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.

6CVSS7.6AI score0.00397EPSS
CVE
CVE
added 2009/02/13 1:30 a.m.56 views

CVE-2008-6124

SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.

7.5CVSS8.3AI score0.0042EPSS
CVE
CVE
added 2009/03/25 11:30 p.m.56 views

CVE-2009-0784

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.

6.3CVSS6.2AI score0.00039EPSS
CVE
CVE
added 2010/02/02 4:30 p.m.56 views

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control ...

9.8CVSS9.3AI score0.00836EPSS
CVE
CVE
added 2011/02/04 6:0 p.m.56 views

CVE-2011-0779

Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

5CVSS6.1AI score0.01479EPSS
CVE
CVE
added 2011/03/25 7:55 p.m.56 views

CVE-2011-1400

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute ...

6.8CVSS7.5AI score0.02061EPSS
CVE
CVE
added 2011/09/23 10:55 a.m.56 views

CVE-2011-2766

The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.

7.5CVSS6.7AI score0.00261EPSS
CVE
CVE
added 2019/11/14 4:15 p.m.56 views

CVE-2012-1155

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

7.5CVSS7.4AI score0.01269EPSS
CVE
CVE
added 2013/05/25 3:18 a.m.56 views

CVE-2013-3555

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.03399EPSS
CVE
CVE
added 2013/05/25 3:18 a.m.56 views

CVE-2013-3562

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.0344EPSS
CVE
CVE
added 2013/09/16 7:14 p.m.56 views

CVE-2013-4234

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.

6.8CVSS7.8AI score0.03086EPSS
CVE
CVE
added 2019/12/13 2:15 p.m.56 views

CVE-2014-3495

duplicity 0.6.24 has improper verification of SSL certificates

7.5CVSS7.5AI score0.00284EPSS
CVE
CVE
added 2015/01/09 6:59 p.m.56 views

CVE-2014-9272

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol.

4.3CVSS5.2AI score0.00442EPSS
CVE
CVE
added 2019/11/25 4:15 p.m.56 views

CVE-2015-1396

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

7.5CVSS6.2AI score0.03663EPSS
CVE
CVE
added 2015/03/31 2:59 p.m.56 views

CVE-2015-2684

Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.

4CVSS6AI score0.00455EPSS
CVE
CVE
added 2016/05/13 2:59 p.m.56 views

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.

7.5CVSS8AI score0.00869EPSS
CVE
CVE
added 2016/04/25 2:59 p.m.56 views

CVE-2015-8852

Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP ...

7.5CVSS7.3AI score0.0109EPSS
Total number of security vulnerabilities9134