Total
9187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-3795 | 2 Debian, Vmware | 2 Debian Linux, Spring Security | 2021-11-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection. | |||||
| CVE-2018-17937 | 3 Debian, Gpsd Project, Microjson Project | 3 Debian Linux, Gpsd, Microjson | 2021-11-02 | 5.8 MEDIUM | 8.8 HIGH |
| gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs. | |||||
| CVE-2017-7655 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2021-11-02 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in the Mosquitto library which could lead to crashes for those applications using the library. | |||||
| CVE-2020-12268 | 3 Artifex, Debian, Opensuse | 3 Jbig2dec, Debian Linux, Leap | 2021-11-02 | 7.5 HIGH | 9.8 CRITICAL |
| jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | |||||
| CVE-2018-13982 | 2 Debian, Smarty | 2 Debian Linux, Smarty | 2021-11-02 | 5.0 MEDIUM | 7.5 HIGH |
| Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files. | |||||
| CVE-2019-16779 | 3 Debian, Excon Project, Opensuse | 4 Debian Linux, Excon, Backports Sle and 1 more | 2021-10-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. | |||||
| CVE-2019-10131 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2021-10-28 | 3.6 LOW | 7.1 HIGH |
| An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. | |||||
| CVE-2019-10192 | 5 Canonical, Debian, Oracle and 2 more | 10 Ubuntu Linux, Debian Linux, Communications Operations Monitor and 7 more | 2021-10-28 | 6.5 MEDIUM | 7.2 HIGH |
| A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. | |||||
| CVE-2019-10193 | 5 Canonical, Debian, Oracle and 2 more | 9 Ubuntu Linux, Debian Linux, Communications Operations Monitor and 6 more | 2021-10-28 | 6.5 MEDIUM | 7.2 HIGH |
| A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. | |||||
| CVE-2020-8167 | 2 Debian, Rubyonrails | 2 Debian Linux, Rails | 2021-10-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains. | |||||
| CVE-2020-21534 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2021-10-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. | |||||
| CVE-2020-21533 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2021-10-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. | |||||
| CVE-2021-25634 | 2 Debian, Libreoffice | 2 Debian Linux, Libreoffice | 2021-10-18 | 5.0 MEDIUM | 7.5 HIGH |
| LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. | |||||
| CVE-2021-25633 | 2 Debian, Libreoffice | 2 Debian Linux, Libreoffice | 2021-10-18 | 5.0 MEDIUM | 7.5 HIGH |
| LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. | |||||
| CVE-2017-12678 | 2 Debian, Taglib | 2 Debian Linux, Taglib | 2021-10-18 | 6.8 MEDIUM | 8.8 HIGH |
| In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | |||||
| CVE-2017-14121 | 2 Debian, Rarlab | 2 Debian Linux, Unrar | 2021-10-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references. | |||||
| CVE-2018-11439 | 2 Debian, Taglib | 2 Debian Linux, Taglib | 2021-10-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | |||||
| CVE-2021-40516 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin. | |||||
| CVE-2008-4796 | 4 Debian, Nagios, Snoopy Project and 1 more | 4 Debian Linux, Nagios, Snoopy and 1 more | 2021-09-30 | 10.0 HIGH | N/A |
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs. | |||||
| CVE-2018-14773 | 3 Debian, Drupal, Sensiolabs | 3 Debian Linux, Drupal, Symfony | 2021-09-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning. | |||||