Lucene search
+L
DebianDebian Linux

9999 matches found

CVE
CVE
added 2024/05/20 9:48 a.m.7138 views

CVE-2024-36004

CVE-2024-36004 is a Linux kernel issue where the i40e driver's workqueue was created with the WQ_MEM_RECLAIM flag, triggering a check_flush_dependency warning when i40e and i40iw are loaded. The fix removes the flag on i40e’s workqueue, mirroring a similar fix in ice, and is documented in several...

5.5CVSS6.7AI score0.00248EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.7125 views

CVE-2024-35900

CVE-2024-35900 affects the Linux kernel nf_tables (netfilter). The issue arises when the dormant table flag is toggled; during commit, hooks are iterated across both existing and new chains, which can lead to an inconsistent state. This may trigger a warning when unregistering a chain that is alr...

5.5CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/05/13 10:22 a.m.7116 views

CVE-2024-27398

CVE-2024-27398 – Linux kernel Bluetooth SCO use-after-free . The vulnerability stems from a use-after-free in sco_sock_timeout: after a SCO connection is established, releasing the SCO socket may schedule timeout_work, but the socket can be freed yet still dereferenced by sco_sock_timeout, leadin...

7.8CVSS6.3AI score0.00757EPSS
CVE
CVE
added 2024/05/13 10:29 a.m.7064 views

CVE-2024-27401

CVE-2024-27401 affects the Linux kernel’s firewire nosy code path. The vulnerability arises because packet_buffer_get could read beyond the user-supplied length if the head packet length exceeded user_length, potentially allowing a user-space overflow. The fix ensures the function returns 0 when ...

7.1CVSS6.6AI score0.00296EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.6985 views

CVE-2024-26870

CVE-2024-26870 describes a Linux kernel vulnerability in NFSv4.2 where listxattr could trigger a kernel BUG in mm/usercopy.c when size handling is incorrect. The connected Astra Linux entry mirrors the issue and provides a concrete fix: modify nfs4_listxattr() so that if size > 0 and the funct...

5.5CVSS6.6AI score0.00272EPSS
CVE
CVE
added 2024/05/13 10:24 a.m.6944 views

CVE-2024-27399

CVE-2024-27399 affects the Linux kernel Bluetooth stack (l2cap). It is caused by a race between l2cap_chan_timeout() and l2cap_chan_del(), where deleting a channel can set chan->conn to NULL but a dereference may occur in mutex_lock() inside l2cap_chan_timeout(), leading to a NULL pointer dere...

5.5CVSS6.1AI score0.00301EPSS
CVE
CVE
added 2021/12/10 12:0 a.m.6923 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2024/02/20 1:21 p.m.6826 views

CVE-2024-1551

The CVE-2024-1551 issue is a header-injection vulnerability in Set-Cookie handling within multipart HTTP responses. The root cause is that an attacker able to control the Content-Type header and part of the response body could inject Set-Cookie headers that the browser would honor. Affected produ...

6.1CVSS7.5AI score0.00743EPSS
CVE
CVE
added 2024/02/29 5:43 a.m.6722 views

CVE-2023-52482

CVE-2023-52482 is a Linux kernel issue where x86 SRSO mitigation was added to address speculative return stack overflow on Hygon processors. The connected Nessus entry for MiracleLinux 9 references kernel commits that implement x86 srso mitigation for Hygon and notes this CVE’s resolution, aligni...

7.8CVSS6.8AI score0.00257EPSS
CVE
CVE
added 2021/09/16 2:40 p.m.6655 views

CVE-2021-39275

CVE-2021-39275 affects Apache HTTP Server (httpd) up to 2.4.48 and earlier. The issue is an out-of-bounds write in ap_escape_quotes() when given malicious input, potentially crashing the server or enabling code execution in some environments. Several connected sources concur this vulnerability ex...

9.8CVSS9.3AI score0.36339EPSS
CVE
CVE
added 2024/05/06 7:21 p.m.6579 views

CVE-2024-33599

CVE-2024-33599 affects the GNU C Library (glibc) with a stack-based overflow in the netgroup cache used by nscd when the fixed-size cache is overwhelmed by client requests. The flaw was introduced in glibc 2.15 and is present only in the nscd binary; exploitation can impact confidentiality, integ...

8.1CVSS8.4AI score0.0131EPSS
CVE
CVE
added 2024/02/20 1:21 p.m.6548 views

CVE-2024-1546

Mozilla Firefox and Thunderbird are affected by CVE-2024-1546 (out-of-bounds memory read due to potential buffer length confusion when storing/re-accessing data over a network channel). Affected products and versions per provided documents: Firefox <= 122? (reported as Firefox < 123) and Fi...

7.5CVSS7.5AI score0.00712EPSS
CVE
CVE
added 2024/02/20 1:21 p.m.6528 views

CVE-2024-1548

CVE-2024-1548 describes a spoofing risk where a fullscreen notification could be obscured by a dropdown select input, potentially confusing users. Affected: Firefox <123, Firefox ESR <115.8, Thunderbird

4.3CVSS7.2AI score0.00937EPSS
CVE
CVE
added 2024/04/13 11:17 a.m.6490 views

CVE-2024-26817

CVE-2024-26817 affects the Linux kernel amdkfd component. The vulnerability arises from using kzalloc with a multiplication that can overflow; the fix replaces kzalloc with calloc to avoid integer overflow. Descriptions in connected Nessus advisories (Unity Linux UTSA advisories) reiterate the sa...

5.5CVSS6.2AI score0.00754EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.6415 views

CVE-2001-0554

CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...

10CVSS7.4AI score0.37896EPSS
CVE
CVE
added 2024/02/20 1:21 p.m.6410 views

CVE-2024-1549

Summary (CVE-2024-1549) : The issue is a UI overlap flaw where a website setting a large custom cursor could cause parts of the cursor to overlap the permission dialog, risking user confusion and accidental permission grants. Affected products include Mozilla Firefox (up to version < 123) and ...

6.1CVSS7.4AI score0.00525EPSS
CVE
CVE
added 2024/05/06 7:22 p.m.6402 views

CVE-2024-33600

CVE-2024-33600 is an in-nscd (Name Service Cache Daemon) null pointer dereference caused by a failure to cache a not-found netgroup response. It affects the nscd binary and was introduced with glibc’s cache feature (glbic 2.15+). Exploitation depends on remote input, but the provided sources do n...

5.9CVSS7AI score0.01216EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.6354 views

CVE-2023-52644

CVE-2023-52644 relates to a Linux kernel WiFi component (b43) where the QoS-disabled path could map the IEEE 802.11 queue incorrectly due to a single-queue scenario. The root cause is that when QoS is off, the code may attempt to stop/wake a non-existent queue or fail to stop/wake the actual queu...

6.3CVSS5.8AI score0.00232EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.6297 views

CVE-2024-26861

CVE-2024-26861 affects the Linux kernel wireguard receive path, where a data race around keypair->receiving_counter.counter was identified (READ_ONCE/WRITE_ONCE annotations used to mark the race as intentional). The race occurs between wg_packet_decrypt_worker and wg_packet_rx_poll, potentiall...

4.7CVSS6.3AI score0.00177EPSS
CVE
CVE
added 2024/04/04 9:51 a.m.6288 views

CVE-2024-26809

CVE-2024-26809 is a Linux kernel vulnerability in netfilter nft_set_pipapo logic. The issue arises when destroying set elements: clone path may destroy elements twice because it did not always use a current view of the lookup table. The root cause is that destruction could proceed without the lat...

5.5CVSS6.1AI score0.00283EPSS
CVE
CVE
added 2024/04/10 1:53 p.m.6285 views

CVE-2024-26816

CVE-2024-26816 affects the Linux kernel on x86 where, when CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section. Relocations in .notes were previously possible and could leak the KASLR base via /sys/kernel/notes. The fixes instruct the kernel to skip performing relocations in the .n...

5.5CVSS5.8AI score0.00307EPSS
CVE
CVE
added 2024/03/19 12:2 p.m.6080 views

CVE-2023-5388

CVE-2023-5388 concerns an NSS timing attack during RSA decryption that could leak private data. Connected entries confirm affected software: Mozilla Firefox (including ESR) and Thunderbird, with vulnerable builds prior to Firefox 124 and Thunderbird 115.9.x. Root cause is a timing side-channel in...

6.5CVSS6.3AI score0.00816EPSS
CVE
CVE
added 2024/05/01 5:19 a.m.6070 views

CVE-2024-26957

CVE-2024-26957 relates to the Linux kernel’s s390/zcrypt subsystem, where reference counting on zcrypt card objects was fixed to prevent a use-after-free of the zcrypt_card during hot-plug/probe/remove cycles. The issue could allow freeing a zcrypt card object while it is still in use, as demonst...

7.8CVSS6.4AI score0.00239EPSS
CVE
CVE
added 2024/03/06 6:45 a.m.6059 views

CVE-2023-52583

The CVE-2023-52583 entry describes a Linux kernel issue in the ceph component where dget() usage could lead to a deadlock due to incorrect lock ordering between dentry and its parent. The dead code path was never used because the parent directory is always supplied by callers, so the fix removes ...

5.5CVSS6.2AI score0.00182EPSS
CVE
CVE
added 2017/06/20 1:0 a.m.6053 views

CVE-2017-7668

CVE-2017-7668: Apache httpd contains a buffer over-read in ap_find_token() caused by strict HTTP parsing changes in 2.2.32 and 2.4.24. A remote attacker can craft headers to crash the httpd process or have ap_find_token() return an incorrect value. Affected distributions have addressed this by up...

7.5CVSS8.4AI score0.57472EPSS
CVE
CVE
added 2024/05/01 5:29 a.m.5963 views

CVE-2024-27008

CVE-2024-27008 is confirmed in the connected MiracleLinux advisories as a Linux kernel vulnerability affecting the drm nv04 driver. Description: when Output Resource (dcb->or) is assigned in fabricate_dcb_output(), there can be an out-of-bounds access to the dac_users array if dcb->or is ze...

7.8CVSS6.2AI score0.00293EPSS
CVE
CVE
added 2024/02/29 3:52 p.m.5955 views

CVE-2024-26614

CVE-2024-26614 : Linux kernel vulnerability where the accept_queue spinlocks were not initialized correctly, enabling a local attacker to trigger a denial of service. The issue surfaces in tcp handling and was observed in syz reproductions showing pvqspinlock corruption during queue operations. C...

5.5CVSS6.4AI score0.00173EPSS
CVE
CVE
added 2024/02/26 12:0 a.m.5911 views

CVE-2024-25082

FontForge (through 20230101) is affected by CVE-2024-25081 and CVE-2024-25082, allowing shell command injection via specially crafted filenames or archives/compressed files. Public advisories from Debian (DSA-5641-1), AlmaLinux (ALSA-2024-2495 / ALSA-2024-565), and Amazon Linux (ALAS2024-2495 / A...

6.5CVSS8.7AI score0.0187EPSS
Web
CVE
CVE
added 2020/04/01 11:8 p.m.5903 views

CVE-2020-1927

CVE-2020-1927 affects Apache HTTP Server 2.4.0–2.4.41, where mod_rewrite redirects intended to be self-referential could be fooled by encoded newlines and redirect to an unexpected URL within the request. Multiple connected advisories confirm the issue and indicate that fixes were released in Apa...

6.1CVSS6.7AI score0.56691EPSS
CVE
CVE
added 2024/02/29 3:52 p.m.5882 views

CVE-2023-52492

CVE-2023-52492 refers to a Linux kernel vulnerability in the DMA engine where __dma_async_device_channel_unregister() could dereference a NULL chan->local if __dma_async_device_channel_register() failed and channels were unregistered. The fixed behavior adds a guard at the beginning of __dma_a...

4.4CVSS6AI score0.00269EPSS
CVE
CVE
added 2019/01/10 12:0 a.m.5827 views

CVE-2018-20685

CVE-2018-20685 affects OpenSSH scp client: scp.c allows remote servers to bypass access restrictions via the filename "." or an empty filename, potentially enabling modification of the client-directory permissions. Multiple advisories confirm this vulnerability and fix paths: Arch Linux ASA-20190...

5.3CVSS6.3AI score0.03681EPSS
In wild
CVE
CVE
added 2019/08/13 8:50 p.m.5804 views

CVE-2019-9513

CVE-2019-9513 (and related HTTP/2 CVEs) affect nginx and nghttp2. The issues enable denial of service via HTTP/2 resource loops and priority/window manipulation, causing high CPU/memory usage. nginx 1.16.x and nghttp2 are specifically named in advisories; remediation is upgrading to fixed package...

7.8CVSS7.7AI score0.82017EPSS
CVE
CVE
added 2018/08/17 12:0 a.m.5775 views

CVE-2018-15473

OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7, where the server may enumerate valid usernames by returning different responses for invalid authentication attempts due to not delaying bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...

5.9CVSS5.8AI score0.98631EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.5739 views

CVE-2024-26859

CVE-2024-26859: In the Linux kernel, a race in the bnX2x driver during EEH error handling could cause a read of freed memory when bnx2x_io_slot_reset() and bnx2x_nic_unload() race. The fix ensures page pool allocations are verified before freeing SGEs to prevent NULL-pointer dereferences and cras...

4.7CVSS6.2AI score0.00182EPSS
CVE
CVE
added 2024/05/01 5:20 a.m.5725 views

CVE-2024-26973

CVE-2024-26973 concerns the Linux kernel fat subsystem. The issue occurred when fat_encode_fh_nostale() encoded a file handle without a parent and stored only the first 10 bytes; since the file handle length must be a multiple of 4, the actual length is 12 bytes and the last two bytes could be un...

5.5CVSS6.1AI score0.00257EPSS
CVE
CVE
added 2024/05/01 5:28 a.m.5718 views

CVE-2024-26999

CVE-2024-26999 — Linux kernel (serial/pmac_zilog) A vulnerability in the Linux kernel’s pmac_zilog serial driver was mitigated by a patch that was later removed. The mitigation intended to stop IRQs entirely caused a crash when pmac_zilog is used as a serial console. Specifically, a pr_err() path...

5.5CVSS6.4AI score0.00182EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.5717 views

CVE-2024-26862

CVE-2024-26862 — Linux kernel data race (kernel 5.x/6.x) Root cause: missing READ_ONCE()/WRITE_ONCE() annotations for ignore_outgoing reads in packet code; read/write races observed between dev_queue_xmit_nit() and packet_setsockopt(). Syzkaller/KCSAN reported a data-race affecting packet_setsock...

4.7CVSS6.1AI score0.00208EPSS
CVE
CVE
added 2024/05/01 5:17 a.m.5695 views

CVE-2024-26931

CVE-2024-26931 affects the Linux kernel driver for SCSI over Fibre Channel (scsi: qla2xxx). The issue arises when memory pressure prevents a command flush during cable pull recovery, causing the upper SCSI layer to modify scsi_cmnd improperly. When memory is freed and a subsequent cable pull trig...

5.5CVSS6.5AI score0.00254EPSS
CVE
CVE
added 2024/05/14 5:21 p.m.5676 views

CVE-2024-4367

CVE-2024-4367 concerns a missing type check when handling fonts in PDF.js, allowing arbitrary JavaScript execution within the PDF.js context. Affected products listed in connected docs include Firefox before 126, Firefox ESR before 115.11, and Thunderbird before 115.11. The root cause is limited ...

8.8CVSS5.9AI score0.72648EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.5659 views

CVE-2024-26872

The CVE-2024-26872 vulnerability affects the Linux kernel RDMA/srpt subsystem. A race condition allows a use-after-free situation in srpt_refresh_port() when an event handler is registered before the srpt device is fully initialized. The issue can impact confidentiality, integrity, and availabili...

7CVSS6.3AI score0.00235EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.5628 views

CVE-2024-26874

CVE-2024-26874 is a Linux kernel vulnerability in the drm/mediatek driver where a race allows a NULL pointer dereference in mtk_drm_crtc_finish_page_flip if mtk_crtc->event is NULL. The root cause is that pending_needs_vblank is derived from mtk_crtc->event and a race occurs between atomic_...

4.7CVSS6.3AI score0.00238EPSS
CVE
CVE
added 2024/04/10 12:7 p.m.5567 views

CVE-2024-31309

CVE-2024-31309 affects Apache Traffic Server (ATS) HTTP/2 CONTINUATION handling. A DoS can occur due to CONTINUATION frame floods, impacting ATS 8.0.0–8.1.9 and 9.0.0–9.2.3. Upstream fixes are in 8.1.10 and 9.2.4. Practical mitigation includes setting proxy.config.http2.max_continuation_frames_pe...

7.5CVSS7.5AI score0.94615EPSS
CVE
CVE
added 2020/04/01 7:22 p.m.5491 views

CVE-2020-1934

CVE-2020-1934 affects Apache HTTP Server 2.4.0–2.4.41 via mod_proxy_ftp, which may use uninitialized memory when proxying to a malicious FTP backend. Public advisories confirm the fixes in Apache HTTP Server 2.4.43+ (e.g., ALAS-2020-1370/ALAS2-2020-1427), so upgrading to 2.4.43 or newer is the re...

5.3CVSS6AI score0.51951EPSS
In wild
CVE
CVE
added 2024/03/06 6:45 a.m.5412 views

CVE-2024-26625

The CVE-2024-26625 entry concerns a Linux kernel issue in the LLC path where a stale sk->sk_wq pointer could remain after releasing an LLC socket. The trace indicates a use-after-free path triggered by sock_wfree and related sk_buff paths. The fix involves a commit that clears sock->sk afte...

7.8CVSS5.8AI score0.00249EPSS
CVE
CVE
added 2017/05/30 6:0 p.m.5375 views

CVE-2017-7494

CVE-2017-7494 affects Samba 3.5.0 and later, with vulnerable ranges ending before 4.6.4, and also before 4.5.10 and 4.4.14 in some branches. The flaw enables a malicious client with write access to a writable Samba share to upload a shared library and trigger the server to load and execute it, ac...

10CVSS10AI score0.99448EPSS
In wild
CVE
CVE
added 2023/10/10 12:0 a.m.5330 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wild
CVE
CVE
added 2019/08/13 8:50 p.m.5318 views

CVE-2019-9517

CVE-2019-9517 describes an attack against some HTTP/2 implementations where unconstrained internal data buffering can cause a denial of service. The vulnerability arises when an attacker floods a connection with a large number of requests for a large response object while manipulating HTTP/2 flow...

7.8CVSS7.7AI score0.27004EPSS
CVE
CVE
added 2023/12/18 12:0 a.m.5280 views

CVE-2023-51385

OpenSSH CVE-2023-51385: OS command injection can occur when a username or hostname containing shell metacharacters is used in expansion tokens, e.g., in untrusted repositories. Affected: OpenSSH up to version

6.5CVSS7.1AI score0.19753EPSS
Web
CVE
CVE
added 2018/11/07 2:0 p.m.5272 views

CVE-2018-16843

CVE-2018-16843 affects nginx before 1.15.6 and 1.14.1, where HTTP/2 implementation vulnerabilities in ngx_http_v2_module (if http2 is enabled) can cause excessive memory usage. Connected advisories also reference related CVEs (16844/16845) and show multiple distributions (Debian, Fedora/Red Hat, ...

7.8CVSS7.3AI score0.47057EPSS
CVE
CVE
added 2018/11/07 2:0 p.m.5124 views

CVE-2018-16844

CVE-2018-16844 affects nginx before versions 1.15.6 and 1.14.1 where HTTP/2 implementation can cause excessive CPU usage when nginx is built with the ngx_http_v2_module and the listen directive uses http2. The issue is triggered by HTTP/2 handling and is report-backed across multiple providers (D...

7.8CVSS7.3AI score0.124EPSS
Total number of security vulnerabilities9999