Total
9187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35530 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2022-09-29 | N/A | 5.5 MEDIUM |
| In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file. | |||||
| CVE-2020-35531 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2022-09-29 | N/A | 5.5 MEDIUM |
| In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file. | |||||
| CVE-2020-35532 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2022-09-29 | N/A | 5.5 MEDIUM |
| In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field. | |||||
| CVE-2022-27383 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. | |||||
| CVE-2022-27376 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. | |||||
| CVE-2022-27381 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2022-27386 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. | |||||
| CVE-2022-27384 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2022-27387 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2022-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | |||||
| CVE-2022-21349 | 3 Debian, Netapp, Oracle | 16 Debian Linux, 7-mode Transition Tool, Cloud Insights and 13 more | 2022-09-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
| CVE-2014-0207 | 5 Christos Zoulas, Debian, Opensuse and 2 more | 5 File, Debian Linux, Opensuse and 2 more | 2022-09-28 | 4.3 MEDIUM | N/A |
| The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file. | |||||
| CVE-2014-2497 | 6 Canonical, Debian, Oracle and 3 more | 12 Ubuntu Linux, Debian Linux, Solaris and 9 more | 2022-09-28 | 4.3 MEDIUM | N/A |
| The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. | |||||
| CVE-2020-27778 | 3 Debian, Freedesktop, Redhat | 3 Debian Linux, Poppler, Enterprise Linux | 2022-09-28 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service. | |||||
| CVE-2021-3497 | 3 Debian, Gstreamer Project, Redhat | 3 Debian Linux, Gstreamer, Enterprise Linux | 2022-09-28 | 6.8 MEDIUM | 7.8 HIGH |
| GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. | |||||
| CVE-2022-21499 | 2 Debian, Oracle | 2 Debian Linux, Linux | 2022-09-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2021-4079 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-09-27 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. | |||||
| CVE-2021-4078 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-09-27 | 6.8 MEDIUM | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-16792 | 3 Agendaless, Debian, Oracle | 3 Waitress, Debian Linux, Communications Cloud Native Core Network Function Cloud Native Environment | 2022-09-23 | 5.0 MEDIUM | 7.5 HIGH |
| Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0. | |||||
| CVE-2022-24761 | 2 Agendaless, Debian | 2 Waitress, Debian Linux | 2022-09-23 | 5.0 MEDIUM | 7.5 HIGH |
| Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. There are two classes of vulnerability that may lead to request smuggling that are addressed by this advisory: The use of Python's `int()` to parse strings into integers, leading to `+10` to be parsed as `10`, or `0x01` to be parsed as `1`, where as the standard specifies that the string should contain only digits or hex digits; and Waitress does not support chunk extensions, however it was discarding them without validating that they did not contain illegal characters. This vulnerability has been patched in Waitress 2.1.1. A workaround is available. When deploying a proxy in front of waitress, turning on any and all functionality to make sure that the request matches the RFC7230 standard. Certain proxy servers may not have this functionality though and users are encouraged to upgrade to the latest version of waitress instead. | |||||
| CVE-2020-25085 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-23 | 4.4 MEDIUM | 5.0 MEDIUM |
| QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. | |||||