Lucene search

K
DebianDebian Linux

9127 matches found

CVE
CVE
added 2020/02/06 1:15 a.m.370 views

CVE-2020-8649

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

5.9CVSS6.2AI score0.00094EPSS
CVE
CVE
added 2018/06/13 11:29 p.m.369 views

CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP....

4.7CVSS5.5AI score0.00313EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.369 views

CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

8.8CVSS9AI score0.00829EPSS
CVE
CVE
added 2020/12/09 5:15 p.m.369 views

CVE-2020-29660

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

4.4CVSS6.3AI score0.00109EPSS
CVE
CVE
added 2021/01/05 5:15 a.m.369 views

CVE-2020-36158

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

8.8CVSS7.7AI score0.00465EPSS
CVE
CVE
added 2022/03/30 12:15 p.m.369 views

CVE-2022-1154

Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.

7.8CVSS8.3AI score0.00419EPSS
CVE
CVE
added 2018/03/27 9:29 p.m.368 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.5AI score0.13832EPSS
CVE
CVE
added 2019/06/17 8:15 p.m.368 views

CVE-2019-8321

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.

7.5CVSS8AI score0.00135EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.368 views

CVE-2020-14581

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

4.3CVSS4AI score0.00261EPSS
CVE
CVE
added 2020/02/24 3:15 p.m.368 views

CVE-2020-8130

There is an OS command injection vulnerability in Ruby Rake

6.9CVSS6.6AI score0.00096EPSS
CVE
CVE
added 2017/10/17 1:29 p.m.367 views

CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.6AI score0.00387EPSS
CVE
CVE
added 2017/11/20 3:29 p.m.367 views

CVE-2017-16544

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code executi...

8.8CVSS8.4AI score0.01248EPSS
CVE
CVE
added 2019/12/18 8:15 p.m.367 views

CVE-2018-1311

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via th...

8.1CVSS7.9AI score0.04171EPSS
CVE
CVE
added 2019/03/06 3:29 p.m.367 views

CVE-2019-3824

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.

6.5CVSS5.5AI score0.08815EPSS
CVE
CVE
added 2019/03/25 7:29 p.m.367 views

CVE-2019-3860

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

9.1CVSS8.7AI score0.00808EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.367 views

CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...

9.8CVSS8.3AI score0.02965EPSS
CVE
CVE
added 2021/02/15 5:15 p.m.367 views

CVE-2021-27218

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

7.5CVSS7.7AI score0.04301EPSS
CVE
CVE
added 2021/08/03 7:15 p.m.367 views

CVE-2021-30560

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.00092EPSS
CVE
CVE
added 2021/08/05 8:15 p.m.367 views

CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service...

5.5CVSS6.1AI score0.0139EPSS
CVE
CVE
added 2022/06/15 8:15 p.m.367 views

CVE-2022-21125

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00522EPSS
CVE
CVE
added 2022/01/10 2:12 p.m.367 views

CVE-2022-22822

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

9.8CVSS9.5AI score0.01328EPSS
CVE
CVE
added 2023/08/01 3:15 p.m.367 views

CVE-2023-4048

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR

7.5CVSS8AI score0.00386EPSS
CVE
CVE
added 2017/10/17 1:29 p.m.366 views

CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.7AI score0.00346EPSS
CVE
CVE
added 2021/03/23 12:15 a.m.366 views

CVE-2021-21345

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who foll...

9.9CVSS7.8AI score0.85307EPSS
CVE
CVE
added 2021/05/12 11:15 p.m.366 views

CVE-2021-23134

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

7.8CVSS7.5AI score0.00019EPSS
CVE
CVE
added 2011/12/25 1:55 a.m.365 views

CVE-2011-4862

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as ...

10CVSS7.3AI score0.92585EPSS
CVE
CVE
added 2015/03/16 10:59 a.m.365 views

CVE-2015-1421

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper ...

10CVSS5.9AI score0.25935EPSS
CVE
CVE
added 2018/04/03 10:29 p.m.365 views

CVE-2017-17742

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.

5.3CVSS6.8AI score0.0093EPSS
CVE
CVE
added 2018/12/26 6:29 p.m.365 views

CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system b...

4.7CVSS4.5AI score0.00028EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.365 views

CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

6.8CVSS5.8AI score0.00055EPSS
CVE
CVE
added 2019/11/26 6:15 p.m.365 views

CVE-2019-16254

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. ...

5.3CVSS6.8AI score0.0093EPSS
CVE
CVE
added 2020/12/11 11:15 a.m.365 views

CVE-2020-7788

This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.

9.8CVSS8.4AI score0.00291EPSS
CVE
CVE
added 2021/02/10 4:15 p.m.365 views

CVE-2021-27135

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.

9.8CVSS9.6AI score0.00673EPSS
CVE
CVE
added 2017/10/31 9:29 p.m.364 views

CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a m...

9.1CVSS9.1AI score0.00921EPSS
CVE
CVE
added 2018/08/08 7:29 p.m.364 views

CVE-2018-14526

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive informa...

6.5CVSS5.7AI score0.00648EPSS
CVE
CVE
added 2019/07/19 5:15 p.m.364 views

CVE-2019-1010238

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when a...

9.8CVSS9.7AI score0.05393EPSS
CVE
CVE
added 2020/05/22 6:15 p.m.364 views

CVE-2020-13398

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

8.3CVSS8AI score0.00382EPSS
CVE
CVE
added 2023/10/10 7:15 p.m.364 views

CVE-2023-45648

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A speciallycrafted, invalid trailer header could cause Tomcat t...

5.3CVSS7.6AI score0.0054EPSS
CVE
CVE
added 2016/07/04 10:59 p.m.363 views

CVE-2016-3092

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

7.8CVSS7.5AI score0.44747EPSS
CVE
CVE
added 2018/05/23 1:29 p.m.363 views

CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

9.8CVSS7.7AI score0.00302EPSS
Web
CVE
CVE
added 2019/05/09 4:29 p.m.363 views

CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is ...

5.9CVSS5.6AI score0.02757EPSS
CVE
CVE
added 2019/07/12 3:15 a.m.363 views

CVE-2019-13574

In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.

7.8CVSS7.4AI score0.29491EPSS
CVE
CVE
added 2020/02/24 2:15 p.m.363 views

CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().

7.8CVSS7.8AI score0.00091EPSS
CVE
CVE
added 2019/08/15 10:15 p.m.363 views

CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on variou...

9.8CVSS9.2AI score0.85073EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.363 views

CVE-2020-14781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

4.3CVSS3.5AI score0.00117EPSS
CVE
CVE
added 2018/03/17 12:29 a.m.362 views

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.

7.5CVSS7.3AI score0.09036EPSS
CVE
CVE
added 2020/01/29 9:15 p.m.362 views

CVE-2019-20445

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

9.1CVSS8.9AI score0.00434EPSS
CVE
CVE
added 2020/04/02 9:15 p.m.362 views

CVE-2020-11494

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2ce...

4.4CVSS5.3AI score0.00124EPSS
CVE
CVE
added 2020/10/06 2:15 p.m.362 views

CVE-2020-25643

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnera...

7.5CVSS7.2AI score0.00433EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.362 views

CVE-2020-26147

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames a...

5.4CVSS6.3AI score0.00297EPSS
Total number of security vulnerabilities9127