Debian / Debian Linux

9 matches found

added 2024/11/14 1:15 p.m. | 625 views

CVE-2024-10978

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses par...

CVSS 4.2 | AI score 6.5 | EPSS 0.00157

added 2024/11/12 8:15 p.m. | 398 views

CVE-2024-52301

Laravel is a web application framework. When the register_argc_argv php directive is set to on, and users call any URL with a specially crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, ...

CVSS 8.7 | AI score 6.8 | EPSS 0.18401
Web

added 2024/11/11 11:15 p.m. | 171 views

CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

CVSS 9.8 | AI score 7.5 | EPSS 0.01378

added 2024/11/10 10:15 p.m. | 106 views

CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

CVSS 7.8 | AI score 7.2 | EPSS 0.00362

added 2024/11/10 9:15 p.m. | 100 views

CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

CVSS 7.8 | AI score 7.1 | EPSS 0.00077

added 2024/11/19 6:15 p.m. | 98 views

CVE-2024-10224

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps before version 1.36, a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval().

CVSS 7.8 | AI score 6.7 | EPSS 0.00402

added 2024/11/10 10:15 p.m. | 92 views

CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

CVSS 7.8 | AI score 7.2 | EPSS 0.00077

added 2024/11/10 10:15 p.m. | 78 views

CVE-2024-46952

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).

CVSS 8.4 | AI score 6.9 | EPSS 0.00032

added 2024/11/10 10:15 p.m. | 69 views

CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

CVSS 5.5 | AI score 6.4 | EPSS 0.00059