Lucene search

961 matches found

added 2022/02/02 6:15 a.m. | 54 views

CVE-2022-24301

In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.

CVSS 6.5 | AI score 6.5 | EPSS 0.00273

added 2022/09/19 9:15 p.m. | 54 views

CVE-2022-28203

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query.

CVSS 7.5 | AI score 7.3 | EPSS 0.00163

added 2022/09/15 3:15 p.m. | 54 views

CVE-2022-38860

Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVSS 5.5 | AI score 5.5 | EPSS 0.00034

added 2022/06/07 6:15 p.m. | 53 views

CVE-2019-9971

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with s...

CVSS 9 | AI score 8.7 | EPSS 0.00366

added 2022/11/02 1:15 p.m. | 53 views

CVE-2021-37789

stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.

CVSS 8.1 | AI score 7.8 | EPSS 0.00104

added 2022/01/25 1:15 p.m. | 53 views

CVE-2021-45845

The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.

CVSS 7.8 | AI score 7.8 | EPSS 0.01334

added 2022/09/02 6:15 p.m. | 52 views

CVE-2020-22669

Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.

CVSS 9.8 | AI score 9.6 | EPSS 0.00067

added 2022/08/23 8:15 p.m. | 50 views

CVE-2020-35511

A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0 (5 patches applied) via a crafted png file.

CVSS 7.8 | AI score 7.4 | EPSS 0.00054

added 2022/02/02 6:15 a.m. | 50 views

CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.

CVSS 9.8 | AI score 9.5 | EPSS 0.00714

added 2022/06/07 6:15 p.m. | 48 views

CVE-2019-9972

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of " followed by " mishandling.

CVSS 9 | AI score 8.6 | EPSS 0.00446

added 2022/01/01 9:15 p.m. | 42 views

CVE-2021-45972

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data.

CVSS 7.1 | AI score 7 | EPSS 0.00258

Total number of security vulnerabilities: 961