Lucene search

K
DebianDebian Linux

9127 matches found

CVE
CVE
added 2021/08/05 9:15 p.m.390 views

CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively ,which could lead t...

4.3CVSS5.7AI score0.0063EPSS
CVE
CVE
added 2021/09/29 8:15 p.m.390 views

CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicio...

8.8CVSS8.3AI score0.00013EPSS
CVE
CVE
added 2022/07/17 10:15 p.m.390 views

CVE-2021-46784

In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

6.5CVSS6.6AI score0.08055EPSS
CVE
CVE
added 2024/11/12 8:15 p.m.390 views

CVE-2024-52301

Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, ...

8.7CVSS6.8AI score0.1762EPSS
Web
CVE
CVE
added 2018/07/26 4:29 p.m.389 views

CVE-2017-12163

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server...

7.1CVSS7AI score0.27333EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.389 views

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permis...

5.3CVSS5.3AI score0.00885EPSS
CVE
CVE
added 2020/05/18 6:15 p.m.389 views

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS6.5AI score0.02148EPSS
CVE
CVE
added 2012/07/05 2:55 p.m.388 views

CVE-2012-2143

The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an a...

4.3CVSS6.6AI score0.03564EPSS
CVE
CVE
added 2018/07/26 6:29 p.m.388 views

CVE-2017-12150

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

7.4CVSS6.5AI score0.19416EPSS
CVE
CVE
added 2019/12/12 11:15 p.m.388 views

CVE-2019-12420

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.

7.5CVSS7.2AI score0.13675EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.388 views

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

5.5CVSS5.7AI score0.00063EPSS
CVE
CVE
added 2020/07/17 4:15 p.m.388 views

CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

5.9CVSS6.6AI score0.00614EPSS
CVE
CVE
added 2020/05/21 4:15 a.m.388 views

CVE-2020-6463

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9.1AI score0.02781EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.388 views

CVE-2021-2369

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthentica...

4.3CVSS4.3AI score0.00276EPSS
CVE
CVE
added 2022/08/26 4:15 p.m.388 views

CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

5.5CVSS6.3AI score0.00009EPSS
CVE
CVE
added 2019/12/11 12:15 a.m.387 views

CVE-2019-19604

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.

9.3CVSS8.7AI score0.01438EPSS
CVE
CVE
added 2023/08/08 6:15 p.m.387 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.00633EPSS
CVE
CVE
added 2018/06/26 4:29 p.m.385 views

CVE-2018-1000517

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixe...

9.8CVSS9.4AI score0.39905EPSS
CVE
CVE
added 2020/03/18 10:15 p.m.385 views

CVE-2020-10673

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).

8.8CVSS8.3AI score0.20473EPSS
CVE
CVE
added 2023/08/22 7:16 p.m.385 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-...

6.5CVSS6.5AI score0.00461EPSS
CVE
CVE
added 2016/06/07 2:6 p.m.384 views

CVE-2016-4450

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

7.5CVSS7AI score0.03144EPSS
CVE
CVE
added 2019/03/07 11:29 p.m.384 views

CVE-2018-14498

get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.

6.5CVSS6.7AI score0.00397EPSS
CVE
CVE
added 2020/07/09 3:15 p.m.384 views

CVE-2020-12399

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR

4.4CVSS5.9AI score0.00101EPSS
CVE
CVE
added 2021/10/19 3:15 p.m.384 views

CVE-2021-37137

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplyin...

7.5CVSS7.4AI score0.00597EPSS
CVE
CVE
added 2023/08/07 7:15 p.m.384 views

CVE-2023-36054

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_da...

6.5CVSS6.5AI score0.00648EPSS
CVE
CVE
added 2015/12/15 9:59 p.m.383 views

CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

7.1CVSS6.2AI score0.05353EPSS
CVE
CVE
added 2018/12/18 10:29 p.m.383 views

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption an...

8CVSS7.8AI score0.00089EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.383 views

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with netw...

5.3CVSS5.5AI score0.00124EPSS
CVE
CVE
added 2019/05/15 1:29 p.m.383 views

CVE-2019-11833

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

5.5CVSS6.4AI score0.00025EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.383 views

CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information red...

7.5CVSS8.5AI score0.24267EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.383 views

CVE-2019-2745

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java...

5.1CVSS4.8AI score0.00063EPSS
CVE
CVE
added 2020/03/24 10:15 p.m.383 views

CVE-2020-10942

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

5.4CVSS6.2AI score0.00051EPSS
CVE
CVE
added 2020/11/28 7:15 a.m.383 views

CVE-2020-29374

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-1...

3.6CVSS4.9AI score0.00021EPSS
CVE
CVE
added 2022/01/26 7:15 p.m.383 views

CVE-2022-23990

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

7.5CVSS8.7AI score0.03519EPSS
CVE
CVE
added 2018/05/30 4:29 a.m.382 views

CVE-2018-11235

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because sub...

7.8CVSS8.1AI score0.64144EPSS
CVE
CVE
added 2019/01/11 8:29 p.m.382 views

CVE-2018-16864

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versi...

7.8CVSS6.2AI score0.0015EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.382 views

CVE-2018-17466

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS7.1AI score0.00881EPSS
CVE
CVE
added 2019/12/24 1:15 a.m.382 views

CVE-2019-19948

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.

9.8CVSS9.4AI score0.00644EPSS
CVE
CVE
added 2019/03/27 2:29 p.m.382 views

CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2,

7.5CVSS8.3AI score0.94336EPSS
In wildWeb
CVE
CVE
added 2021/05/11 8:15 p.m.382 views

CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted u...

3.5CVSS6.2AI score0.00254EPSS
CVE
CVE
added 2020/12/07 10:15 p.m.382 views

CVE-2020-28935

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writi...

5.5CVSS6.4AI score0.00081EPSS
CVE
CVE
added 2020/12/15 5:15 p.m.382 views

CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the ...

8.8CVSS8.3AI score0.00123EPSS
CVE
CVE
added 2023/09/05 10:15 p.m.382 views

CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.13089EPSS
In wild
CVE
CVE
added 2019/08/21 6:15 a.m.381 views

CVE-2019-15292

An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.

10CVSS6AI score0.00953EPSS
CVE
CVE
added 2020/01/16 4:15 p.m.381 views

CVE-2019-18282

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashr...

5.3CVSS6AI score0.00392EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.381 views

CVE-2019-2949

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos...

6.8CVSS6.4AI score0.00358EPSS
CVE
CVE
added 2020/11/19 7:15 p.m.381 views

CVE-2020-28948

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

7.8CVSS7.7AI score0.70341EPSS
In wild
CVE
CVE
added 2023/12/24 10:15 p.m.381 views

CVE-2023-7101

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of N...

7.8CVSS7.9AI score0.88514EPSS
In wild
CVE
CVE
added 2019/12/24 1:15 a.m.380 views

CVE-2019-19949

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.

9.1CVSS9.2AI score0.00289EPSS
CVE
CVE
added 2020/09/09 2:15 p.m.380 views

CVE-2020-1968

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted com...

4.3CVSS4.1AI score0.00681EPSS
Total number of security vulnerabilities9127