Filtered by vendor Debian
Subscribe
Total
9332 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6646 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2022-11-10 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process. | |||||
| CVE-2022-21824 | 4 Debian, Netapp, Nodejs and 1 more | 11 Debian Linux, Oncommand Insight, Oncommand Workflow Automation and 8 more | 2022-11-10 | 6.4 MEDIUM | 8.2 HIGH |
| Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | |||||
| CVE-2022-23772 | 3 Debian, Golang, Netapp | 6 Debian Linux, Go, Beegfs Csi Driver and 3 more | 2022-11-09 | 7.8 HIGH | 7.5 HIGH |
| Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | |||||
| CVE-2019-19947 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2022-11-09 | 2.1 LOW | 4.6 MEDIUM |
| In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | |||||
| CVE-2022-0351 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2022-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0359 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2022-11-09 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0361 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2022-11-09 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2020-21675 | 2 Debian, Fig2dev Project | 2 Debian Linux, Fig2dev | 2022-11-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. | |||||
| CVE-2022-0368 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2022-11-09 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0213 | 2 Debian, Vim | 2 Debian Linux, Vim | 2022-11-09 | 6.8 MEDIUM | 6.6 MEDIUM |
| vim is vulnerable to Heap-based Buffer Overflow | |||||
| CVE-2022-0319 | 4 Apple, Canonical, Debian and 1 more | 4 Macos, Ubuntu Linux, Debian Linux and 1 more | 2022-11-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| Out-of-bounds Read in vim/vim prior to 8.2. | |||||
| CVE-2014-9709 | 5 Canonical, Debian, Libgd and 2 more | 5 Ubuntu Linux, Debian Linux, Libgd and 2 more | 2022-11-09 | 5.0 MEDIUM | N/A |
| The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. | |||||
| CVE-2022-27380 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-11-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2018-3282 | 6 Canonical, Debian, Mariadb and 3 more | 11 Ubuntu Linux, Debian Linux, Mariadb and 8 more | 2022-11-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2020-26932 | 2 Debian, Sympa | 2 Debian Linux, Sympa | 2022-11-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group) | |||||
| CVE-2020-12862 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2022-11-08 | 3.3 LOW | 4.3 MEDIUM |
| An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. | |||||
| CVE-2020-12863 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2022-11-08 | 3.3 LOW | 4.3 MEDIUM |
| An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | |||||
| CVE-2020-12865 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2022-11-08 | 5.2 MEDIUM | 8.0 HIGH |
| A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | |||||
| CVE-2021-4214 | 3 Debian, Libpng, Netapp | 3 Debian Linux, Libpng, Ontap Select Deploy Administration Utility | 2022-11-08 | N/A | 5.5 MEDIUM |
| A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. | |||||
| CVE-2019-17670 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2022-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs. | |||||