Lucene search

K
DebianDebian Linux10.0

3299 matches found

CVE
CVE
added 2024/05/17 2:15 p.m.116 views

CVE-2024-35835

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When in allocated by kvzalloc fails, arfs_create_groups will freeft->g and return an error. However, arfs_create_table, the only caller ofarfs_create_groups, will hold this erro...

5.3CVSS6.7AI score0.00167EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.115 views

CVE-2017-12899

The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().

9.8CVSS9.3AI score0.01009EPSS
CVE
CVE
added 2022/01/10 8:15 p.m.115 views

CVE-2021-21408

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch.

8.8CVSS8.6AI score0.00361EPSS
CVE
CVE
added 2021/09/20 4:15 p.m.115 views

CVE-2021-32278

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution.

7.8CVSS7.3AI score0.00148EPSS
CVE
CVE
added 2021/12/23 1:15 a.m.115 views

CVE-2021-4053

Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00634EPSS
CVE
CVE
added 2022/03/14 11:15 p.m.115 views

CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in the length of a copy operation, without checking th...

8.1CVSS8.2AI score0.00196EPSS
CVE
CVE
added 2022/07/06 7:15 p.m.115 views

CVE-2022-2318

There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

5.5CVSS6.8AI score0.00073EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.115 views

CVE-2023-52637

In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Lock jsk->sk to prevent UAF when setsockopt(..., SO_J1939_FILTER, ...)modifies jsk->filters while receiving packets. Following trace was seen on ...

7.8CVSS5.8AI score0.00011EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.115 views

CVE-2024-26883

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the numberof hash buckets, and contains an overflow check by checking if theresulting value is 0. However, on 32-bit arch...

7.8CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.115 views

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stackmemory being negative; the access size can appear negative as a resultof overflowing its signed int repr...

7.8CVSS7.1AI score0.00023EPSS
CVE
CVE
added 2024/05/20 10:15 a.m.115 views

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield())uses skb_protocol(skb, true), pskb_inet_may_pul...

5.5CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2024/06/03 8:15 a.m.115 views

CVE-2024-36960

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structurethat's actually used. The length of the drm_event was set to the parent structure instead ofto the drm_vmw...

7.1CVSS6.7AI score0.00013EPSS
CVE
CVE
added 2020/01/23 5:15 p.m.114 views

CVE-2019-18222

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

4.7CVSS4.6AI score0.0006EPSS
CVE
CVE
added 2021/11/02 10:15 p.m.114 views

CVE-2021-37985

Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.01094EPSS
CVE
CVE
added 2021/11/02 10:15 p.m.114 views

CVE-2021-37995

Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS6.4AI score0.00355EPSS
CVE
CVE
added 2021/12/23 1:15 a.m.114 views

CVE-2021-38010

Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

6.5CVSS6.5AI score0.00357EPSS
CVE
CVE
added 2022/01/31 8:15 a.m.114 views

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

9.1CVSS9.1AI score0.0006EPSS
CVE
CVE
added 2022/01/01 12:15 a.m.114 views

CVE-2021-45949

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

5.5CVSS5.7AI score0.00035EPSS
CVE
CVE
added 2022/03/10 5:48 p.m.114 views

CVE-2022-26846

SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.

8.8CVSS8.6AI score0.00834EPSS
CVE
CVE
added 2022/04/20 11:15 p.m.114 views

CVE-2022-29536

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.

7.5CVSS7.4AI score0.00121EPSS
CVE
CVE
added 2022/09/01 6:15 p.m.114 views

CVE-2022-2996

A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.

7.4CVSS7.1AI score0.00109EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.113 views

CVE-2017-13024

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

9.8CVSS9.3AI score0.01009EPSS
CVE
CVE
added 2017/06/02 7:29 p.m.113 views

CVE-2017-9404

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.2AI score0.00962EPSS
CVE
CVE
added 2017/06/26 12:29 p.m.113 views

CVE-2017-9936

In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.

6.5CVSS6.5AI score0.06042EPSS
CVE
CVE
added 2020/09/09 7:15 p.m.113 views

CVE-2020-24916

CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.

10CVSS9.4AI score0.39147EPSS
CVE
CVE
added 2020/12/24 3:15 p.m.113 views

CVE-2020-28169

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.

7CVSS7AI score0.01351EPSS
CVE
CVE
added 2020/04/27 10:15 p.m.113 views

CVE-2020-9481

Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulnerable to a HTTP/2 slow read attack.

7.5CVSS7.3AI score0.05231EPSS
CVE
CVE
added 2022/05/26 4:15 p.m.113 views

CVE-2022-30785

A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.

7.2CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2022/10/17 1:15 p.m.113 views

CVE-2022-3550

A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability ...

8.8CVSS7.2AI score0.00241EPSS
CVE
CVE
added 2022/10/21 6:15 a.m.113 views

CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It...

3.3CVSS5.8AI score0.00032EPSS
CVE
CVE
added 2024/02/05 8:15 a.m.113 views

CVE-2024-24858

A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.

5.3CVSS7AI score0.00016EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.113 views

CVE-2024-27059

In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS valuesin the ATA ID information to calculate cylinder and head values whencreating a CDB for READ or ...

5.5CVSS6.3AI score0.00007EPSS
CVE
CVE
added 2021/05/27 7:15 p.m.112 views

CVE-2020-10729

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are...

5.5CVSS5.4AI score0.00056EPSS
CVE
CVE
added 2021/09/16 9:15 p.m.112 views

CVE-2020-21531

fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.

5.5CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2020/03/24 9:15 p.m.112 views

CVE-2020-6078

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdns_recv, the return value of the mdns_read_header function is not checked, leading to an uninitialized variable usage that eventually results in...

7.5CVSS7.3AI score0.01405EPSS
CVE
CVE
added 2021/09/20 4:15 p.m.112 views

CVE-2021-32280

An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.

5.5CVSS5.3AI score0.00092EPSS
CVE
CVE
added 2021/12/22 6:15 p.m.112 views

CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before perfor...

9.8CVSS8.6AI score0.00133EPSS
CVE
CVE
added 2021/12/23 1:15 a.m.112 views

CVE-2021-4052

Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8CVSS8.8AI score0.00102EPSS
CVE
CVE
added 2021/12/23 1:15 a.m.112 views

CVE-2021-4054

Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5CVSS6.4AI score0.00345EPSS
CVE
CVE
added 2022/05/26 4:15 p.m.112 views

CVE-2022-30789

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.

7.8CVSS7.5AI score0.00034EPSS
CVE
CVE
added 2019/12/26 8:15 p.m.111 views

CVE-2012-2736

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

4.4CVSS4.5AI score0.00081EPSS
CVE
CVE
added 2018/05/26 6:29 p.m.111 views

CVE-2018-11490

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified ot...

8.8CVSS8.8AI score0.0022EPSS
CVE
CVE
added 2021/05/25 8:15 p.m.111 views

CVE-2020-20453

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service

6.5CVSS7.5AI score0.0028EPSS
CVE
CVE
added 2021/07/14 1:15 p.m.111 views

CVE-2021-24119

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single st...

4.9CVSS4.9AI score0.00354EPSS
CVE
CVE
added 2021/11/23 10:15 p.m.111 views

CVE-2021-37997

Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.00989EPSS
CVE
CVE
added 2021/08/12 4:15 p.m.111 views

CVE-2021-38291

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

7.5CVSS8.3AI score0.00135EPSS
CVE
CVE
added 2024/03/18 11:15 a.m.111 views

CVE-2023-52612

In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from thescomp_scratch->dst to avoid req->dst buffer overflow problem.

7.8CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.111 views

CVE-2024-35888

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer makesure erspan_base_hdr is present in skb linear part (skb-&g...

5.5CVSS6.6AI score0.00008EPSS
CVE
CVE
added 2017/09/14 6:29 a.m.110 views

CVE-2017-13020

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

9.8CVSS9.3AI score0.0206EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.110 views

CVE-2021-3608

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The hi...

6CVSS6AI score0.00017EPSS
Total number of security vulnerabilities3299