| CRITICAL |
CVE-2023-38545 |
curl: heap based buffer overflow in the SOCKS5 proxy handshake |
curl |
7.88.1-10 |
7.88.1-10+deb12u4 |
| CRITICAL |
CVE-2023-6879 |
aom: heap-buffer-overflow on frame size change |
libaom3 |
3.6.0-1 |
|
| CRITICAL |
CVE-2023-38545 |
curl: heap based buffer overflow in the SOCKS5 proxy handshake |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u4 |
| CRITICAL |
CVE-2023-38545 |
curl: heap based buffer overflow in the SOCKS5 proxy handshake |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u4 |
| CRITICAL |
CVE-2023-38545 |
curl: heap based buffer overflow in the SOCKS5 proxy handshake |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u4 |
| CRITICAL |
CVE-2023-5841 |
OpenEXR: Heap Overflow in Scanline Deep Data Parsing |
libopenexr-3-1-30 |
3.1.5-5 |
|
| CRITICAL |
CVE-2023-5841 |
OpenEXR: Heap Overflow in Scanline Deep Data Parsing |
libopenexr-dev |
3.1.5-5 |
|
| CRITICAL |
CVE-2023-25775 |
kernel: irdma: Improper access control |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| CRITICAL |
CVE-2023-38426 |
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38427 |
integer underflow and out-of-bounds read in deassemble_neg_contexts |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38428 |
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38429 |
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/con ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38430 |
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does n ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38431 |
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/serve ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-38432 |
out-of-bounds read in ksmbd_smb2_check_message |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| CRITICAL |
CVE-2023-5178 |
kernel: use after free in nvmet_tcp_free_crypto in NVMe |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| CRITICAL |
CVE-2023-28531 |
openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. |
openssh-client |
1:9.2p1-2 |
1:9.2p1-2+deb12u2 |
| CRITICAL |
CVE-2023-38408 |
Remote code execution in ssh-agent PKCS#11 support |
openssh-client |
1:9.2p1-2 |
1:9.2p1-2+deb12u1 |
| CRITICAL |
CVE-2023-45853 |
zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 |
zlib1g |
1:1.2.13.dfsg-1 |
|
| CRITICAL |
CVE-2023-45853 |
zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 |
zlib1g-dev |
1:1.2.13.dfsg-1 |
|
| HIGH |
CVE-2023-38039 |
curl: out of heap memory issue due to missing limit on header quantity |
curl |
7.88.1-10 |
7.88.1-10+deb12u3 |
| HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
gir1.2-gdkpixbuf-2.0 |
2.42.10+dfsg-1+b1 |
|
| HIGH |
CVE-2023-25652 |
git: by feeding specially crafted input to git apply --reject, a path outside the working tree can |
git |
1:2.39.2-1.1 |
|
| HIGH |
CVE-2023-29007 |
git: arbitrary configuration injection when renaming or deleting a section from a configuration file |
git |
1:2.39.2-1.1 |
|
| HIGH |
CVE-2023-25652 |
git: by feeding specially crafted input to git apply --reject, a path outside the working tree can |
git-man |
1:2.39.2-1.1 |
|
| HIGH |
CVE-2023-29007 |
git: arbitrary configuration injection when renaming or deleting a section from a configuration file |
git-man |
1:2.39.2-1.1 |
|
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2023-39616 |
AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read mem ... |
libaom3 |
3.6.0-1 |
|
| HIGH |
CVE-2023-4911 |
glibc: buffer overflow in ld.so leading to privilege escalation |
libc-bin |
2.36-9 |
2.36-9+deb12u3 |
| HIGH |
CVE-2023-6246 |
glibc: heap-based buffer overflow in __vsyslog_internal() |
libc-bin |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-6779 |
glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() |
libc-bin |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-4911 |
glibc: buffer overflow in ld.so leading to privilege escalation |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u3 |
| HIGH |
CVE-2023-6246 |
glibc: heap-based buffer overflow in __vsyslog_internal() |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-6779 |
glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-4911 |
glibc: buffer overflow in ld.so leading to privilege escalation |
libc6 |
2.36-9 |
2.36-9+deb12u3 |
| HIGH |
CVE-2023-6246 |
glibc: heap-based buffer overflow in __vsyslog_internal() |
libc6 |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-6779 |
glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() |
libc6 |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-4911 |
glibc: buffer overflow in ld.so leading to privilege escalation |
libc6-dev |
2.36-9 |
2.36-9+deb12u3 |
| HIGH |
CVE-2023-6246 |
glibc: heap-based buffer overflow in __vsyslog_internal() |
libc6-dev |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-6779 |
glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() |
libc6-dev |
2.36-9 |
2.36-9+deb12u4 |
| HIGH |
CVE-2023-38039 |
curl: out of heap memory issue due to missing limit on header quantity |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u3 |
| HIGH |
CVE-2023-38039 |
curl: out of heap memory issue due to missing limit on header quantity |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u3 |
| HIGH |
CVE-2023-38039 |
curl: out of heap memory issue due to missing limit on header quantity |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u3 |
| HIGH |
CVE-2023-27103 |
Libde265 v1.0.11 was discovered to contain a heap buffer overflow via ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u1 |
| HIGH |
CVE-2023-43887 |
Libde265 v1.0.12 was discovered to contain multiple buffer overflows v ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u1 |
| HIGH |
CVE-2023-49465 |
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u2 |
| HIGH |
CVE-2023-49467 |
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u2 |
| HIGH |
CVE-2023-49468 |
Libde265 v1.0.14 was discovered to contain a global buffer overflow vu ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u2 |
| HIGH |
CVE-2023-52425 |
expat: parsing large tokens can trigger a denial of service |
libexpat1 |
2.5.0-1 |
|
| HIGH |
CVE-2023-52425 |
expat: parsing large tokens can trigger a denial of service |
libexpat1-dev |
2.5.0-1 |
|
| HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf-2.0-0 |
2.42.10+dfsg-1+b1 |
|
| HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf-2.0-dev |
2.42.10+dfsg-1+b1 |
|
| HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-bin |
2.42.10+dfsg-1+b1 |
|
| HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-common |
2.42.10+dfsg-1 |
|
| HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutls30 |
3.7.9-2 |
3.7.9-2+deb12u2 |
| HIGH |
CVE-2024-0567 |
gnutls: rejects certificate chain with distributed trust |
libgnutls30 |
3.7.9-2 |
3.7.9-2+deb12u2 |
| HIGH |
CVE-2023-25193 |
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks |
libharfbuzz0b |
6.0.0+dfsg-3 |
|
| HIGH |
CVE-2023-49460 |
libheif v1.17.5 was discovered to contain a segmentation violation via ... |
libheif1 |
1.15.1-1 |
|
| HIGH |
CVE-2023-49462 |
libheif v1.17.5 was discovered to contain a segmentation violation via ... |
libheif1 |
1.15.1-1 |
|
| HIGH |
CVE-2023-49463 |
libheif v1.17.5 was discovered to contain a segmentation violation via ... |
libheif1 |
1.15.1-1 |
|
| HIGH |
CVE-2023-49464 |
libheif v1.17.5 was discovered to contain a segmentation violation via ... |
libheif1 |
1.15.1-1 |
|
| HIGH |
CVE-2023-2953 |
null pointer dereference in ber_memalloc_x function |
libldap-2.5-0 |
2.5.13+dfsg-5 |
|
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2021-3610 |
heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| HIGH |
CVE-2023-44487 |
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) |
libnghttp2-14 |
1.52.0-1 |
1.52.0-1+deb12u1 |
| HIGH |
CVE-2021-3575 |
openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution |
libopenjp2-7 |
2.5.0-2 |
|
| HIGH |
CVE-2021-3575 |
openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution |
libopenjp2-7-dev |
2.5.0-2 |
|
| HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
libperl5.36 |
5.36.0-7 |
|
| HIGH |
CVE-2023-47038 |
perl: Write past buffer end via illegal user-defined Unicode property |
libperl5.36 |
5.36.0-7 |
5.36.0-7+deb12u1 |
| HIGH |
CVE-2023-39417 |
postgresql: extension script @substitutions@ within quoting allow SQL injection |
libpq-dev |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| HIGH |
CVE-2023-5869 |
postgresql: Buffer overrun from integer overflow in array modification |
libpq-dev |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| HIGH |
CVE-2024-0985 |
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL |
libpq-dev |
15.3-0+deb12u1 |
15.6-0+deb12u1 |
| HIGH |
CVE-2023-39417 |
postgresql: extension script @substitutions@ within quoting allow SQL injection |
libpq5 |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| HIGH |
CVE-2023-5869 |
postgresql: Buffer overrun from integer overflow in array modification |
libpq5 |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| HIGH |
CVE-2024-0985 |
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL |
libpq5 |
15.3-0+deb12u1 |
15.6-0+deb12u1 |
| HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython3.11-minimal |
3.11.2-6 |
|
| HIGH |
CVE-2023-41105 |
python: file path truncation at \0 characters |
libpython3.11-minimal |
3.11.2-6 |
|
| HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython3.11-stdlib |
3.11.2-6 |
|
| HIGH |
CVE-2023-41105 |
python: file path truncation at \0 characters |
libpython3.11-stdlib |
3.11.2-6 |
|
| HIGH |
CVE-2023-7104 |
sqlite: heap-buffer-overflow at sessionfuzz |
libsqlite3-0 |
3.40.1-2 |
|
| HIGH |
CVE-2023-7104 |
sqlite: heap-buffer-overflow at sessionfuzz |
libsqlite3-dev |
3.40.1-2 |
|
| HIGH |
CVE-2023-5363 |
openssl: Incorrect cipher key and IV length processing |
libssl-dev |
3.0.9-1 |
3.0.11-1~deb12u2 |
| HIGH |
CVE-2023-5363 |
openssl: Incorrect cipher key and IV length processing |
libssl3 |
3.0.9-1 |
3.0.11-1~deb12u2 |
| HIGH |
CVE-2023-50387 |
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator |
libsystemd0 |
252.6-1 |
|
| HIGH |
CVE-2023-50868 |
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources |
libsystemd0 |
252.6-1 |
|
| HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiff-dev |
4.5.0-6 |
|
| HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiff-dev |
4.5.0-6 |
|
| HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiff6 |
4.5.0-6 |
|
| HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiff6 |
4.5.0-6 |
|
| HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiffxx6 |
4.5.0-6 |
|
| HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiffxx6 |
4.5.0-6 |
|
| HIGH |
CVE-2023-50387 |
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator |
libudev1 |
252.6-1 |
|
| HIGH |
CVE-2023-50868 |
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources |
libudev1 |
252.6-1 |
|
| HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebp-dev |
1.2.4-0.2 |
1.2.4-0.2+deb12u1 |
| HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebp7 |
1.2.4-0.2 |
1.2.4-0.2+deb12u1 |
| HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebpdemux2 |
1.2.4-0.2 |
1.2.4-0.2+deb12u1 |
| HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebpmux3 |
1.2.4-0.2 |
1.2.4-0.2+deb12u1 |
| HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-6 |
2:1.8.4-2 |
2:1.8.4-2+deb12u1 |
| HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-6 |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-data |
2:1.8.4-2 |
2:1.8.4-2+deb12u1 |
| HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-data |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-dev |
2:1.8.4-2 |
2:1.8.4-2+deb12u1 |
| HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-dev |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| HIGH |
CVE-2022-2309 |
lxml: NULL Pointer Dereference in lxml |
libxml2 |
2.9.14+dfsg-1.2 |
2.9.14+dfsg-1.3~deb12u1 |
| HIGH |
CVE-2024-25062 |
libxml2: use-after-free in XMLReader |
libxml2 |
2.9.14+dfsg-1.2 |
|
| HIGH |
CVE-2022-2309 |
lxml: NULL Pointer Dereference in lxml |
libxml2-dev |
2.9.14+dfsg-1.2 |
2.9.14+dfsg-1.3~deb12u1 |
| HIGH |
CVE-2024-25062 |
libxml2: use-after-free in XMLReader |
libxml2-dev |
2.9.14+dfsg-1.2 |
|
| HIGH |
CVE-2013-7445 |
kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2019-19449 |
kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_ |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2019-19814 |
kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2021-3847 |
low-privileged user privileges escalation |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2021-3864 |
descendant's dumpable setting with certain SUID binaries |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-1194 |
kernel: use-after-free in parse_lease_state() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-1989 |
kernel: Use after free bug in btsdio_remove due to race condition |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-2124 |
kernel: OOB access in the Linux kernel's XFS subsystem |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-21255 |
In multiple functions of binder.c, there is a possible memory corrupti ... |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-2156 |
kernel: net: IPv6 RPL protocol reachable assertion leads to DoS |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-2176 |
kernel: Slab-out-of-bound read in compare_netdev_and_ip |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-3090 |
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-31248 |
kernel: nf_tables: use-after-free in nft_chain_lookup_byid() |
linux-libc-dev |
6.1.27-1 |
6.1.38-1 |
| HIGH |
CVE-2023-32247 |
session setup memory exhaustion denial-of-service vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32248 |
tree connection NULL pointer dereference denial-of-service vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32250 |
session race condition remote code execution vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32252 |
session NULL pointer dereference denial-of-service vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32254 |
tree connection race condition remote code execution vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32257 |
session race condition remote code execution vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-32258 |
session race condition remote code execution vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-3268 |
kernel: out-of-bounds access in relay_file_read |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-3269 |
distros-[DirtyVMA] Privilege escalation via non-RCU-protected VMA traversal |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-3390 |
kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-34319 |
buffer overrun in netback due to unusual packet (XSA-432) |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-35001 |
kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() |
linux-libc-dev |
6.1.27-1 |
6.1.38-1 |
| HIGH |
CVE-2023-35788 |
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-35827 |
race condition leading to use-after-free in ravb_remove() |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| HIGH |
CVE-2023-3609 |
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-3610 |
kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRU |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2023-3611 |
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqu |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-3640 |
Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-3776 |
kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev functi |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-3777 |
kernel: use-after-free in netfilter: nf_tables |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-39197 |
kernel: DCCP: conntrack out-of-bounds read in nf_conntrack_dccp_packet() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4004 |
kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4015 |
kernel: use after free in nft_immediate_deactivate |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-40283 |
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4147 |
kernel: netfilter: nf_tables_newrule when adding a rule with NFTA_RULE_CHAIN_ID leads to use-after-f |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4206 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4207 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4208 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4244 |
kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| HIGH |
CVE-2023-42753 |
kernel: netfilter: potential slab-out-of-bound access due to integer underflow |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| HIGH |
CVE-2023-44466 |
kernel: buffer overflow in ceph file net/ceph/messenger_v2.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-45871 |
kernel: IGB driver inadequate buffer size for frames larger than MTU |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| HIGH |
CVE-2023-4622 |
kernel: use after free in unix_stream_sendpage |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-4623 |
kernel: net/sched: sch_hfsc UAF |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| HIGH |
CVE-2023-46813 |
kernel: SEV-ES local priv escalation |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| HIGH |
CVE-2023-46838 |
Transmit requests in Xen's virtual network protocol can consist of mul ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-4921 |
kernel: use-after-free in sch_qfq network scheduler |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| HIGH |
CVE-2023-51042 |
kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-51043 |
kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unlo |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-51779 |
kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-51780 |
kernel: use-after-free in net/atm/ioctl.c |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-51781 |
kernel: use-after-free in net/appletalk/ddp.c |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-51782 |
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl i ... |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-52438 |
kernel: binder: fix use-after-free in shinker's callback |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-52439 |
kernel: uio: Fix use-after-free in uio_open |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-52449 |
kernel: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-52464 |
kernel: EDAC/thunderx: Fix possible out-of-bounds string access |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-5345 |
kernel: use-after-free vulnerability in the smb client component |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| HIGH |
CVE-2023-5633 |
kernel: vmwgfx: reference count issue leads to use-after-free in surface handling |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-5717 |
kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is small |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| HIGH |
CVE-2023-6111 |
kernel: netfilter: use-after-free when removing catchall element in GC sync path |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| HIGH |
CVE-2023-6270 |
kernel: AoE: improper reference count leads to use-after-free vulnerability |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-6356 |
kernel: NULL pointer dereference in nvmet_tcp_build_iovec |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-6531 |
kernel: GC's deletion of an SKB races with unix_stream_read_generic() leading to UAF |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-6535 |
kernel: NULL pointer dereference in nvmet_tcp_execute_request |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-6536 |
kernel: NULL pointer dereference in __nvmet_req_complete |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2023-6546 |
kernel: GSM multiplexing race condition leads to privilege escalation |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| HIGH |
CVE-2023-6606 |
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-6817 |
kernel: inactive elements in nft_pipapo_walk |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-6931 |
kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2023-6932 |
kernel: use-after-free in IPv4 IGMP |
linux-libc-dev |
6.1.27-1 |
6.1.66-1 |
| HIGH |
CVE-2024-0565 |
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2024-0646 |
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as desti |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2024-0775 |
kernel: use-after-free while changing the mount option in __ext4_remount leading |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| HIGH |
CVE-2024-0841 |
kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2024-1085 |
kernel: nf_tables: use-after-free vulnerability in the nft_setelem_catchall_deactivate() function |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2024-1086 |
kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2024-21803 |
kernel: bluetooth: use-after-free vulnerability in af_bluetooth.c |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2024-22705 |
kernel: out-of-bounds access smb2_get_data_area_len |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2024-23307 |
Integer Overflow or Wraparound vulnerability in Linux Linux kernel ker ... |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2024-25744 |
kernel: untrusted VMM can trigger int80 syscall handling |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| HIGH |
CVE-2024-26581 |
kernel: nftables: nft_set_rbtree skip end interval element from gc |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2024-26582 |
kernel: tls: use-after-free with partial reads and async decrypt |
linux-libc-dev |
6.1.27-1 |
|
| HIGH |
CVE-2024-26589 |
kernel: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| HIGH |
CVE-2023-51767 |
openssh: authentication bypass via row hammer attack |
openssh-client |
1:9.2p1-2 |
|
| HIGH |
CVE-2023-5363 |
openssl: Incorrect cipher key and IV length processing |
openssl |
3.0.9-1 |
3.0.11-1~deb12u2 |
| HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl |
5.36.0-7 |
|
| HIGH |
CVE-2023-47038 |
perl: Write past buffer end via illegal user-defined Unicode property |
perl |
5.36.0-7 |
5.36.0-7+deb12u1 |
| HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl-base |
5.36.0-7 |
|
| HIGH |
CVE-2023-47038 |
perl: Write past buffer end via illegal user-defined Unicode property |
perl-base |
5.36.0-7 |
5.36.0-7+deb12u1 |
| HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl-modules-5.36 |
5.36.0-7 |
|
| HIGH |
CVE-2023-47038 |
perl: Write past buffer end via illegal user-defined Unicode property |
perl-modules-5.36 |
5.36.0-7 |
5.36.0-7+deb12u1 |
| HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python3.11 |
3.11.2-6 |
|
| HIGH |
CVE-2023-41105 |
python: file path truncation at \0 characters |
python3.11 |
3.11.2-6 |
|
| HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python3.11-minimal |
3.11.2-6 |
|
| HIGH |
CVE-2023-41105 |
python: file path truncation at \0 characters |
python3.11-minimal |
3.11.2-6 |
|
| HIGH |
CVE-2023-37920 |
python-certifi: Removal of e-Tugra root certificate |
certifi |
2021.10.8 |
2023.7.22 |
| HIGH |
CVE-2023-0286 |
openssl: X.400 address type confusion in X.509 GeneralName |
cryptography |
38.0.4 |
39.0.1 |
| HIGH |
CVE-2023-50782 |
python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for |
cryptography |
38.0.4 |
42.0.0 |
| HIGH |
CVE-2024-26130 |
cryptography is a package designed to expose cryptographic primitives ... |
cryptography |
38.0.4 |
42.0.4 |
| HIGH |
CVE-2022-42969 |
The py library through 1.11.0 for Python allows remote attackers to co ... |
py |
1.11.0 |
|
| HIGH |
CVE-2022-40897 |
pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py |
setuptools |
57.5.0 |
65.5.1 |
| HIGH |
CVE-2022-40898 |
remote attackers can cause denial of service via attacker controlled input to wheel cli |
wheel |
0.36.2 |
0.38.1 |
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
cpp-12 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
curl |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46219 |
curl: excessively long file name may lead to unknown HSTS status |
curl |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
g++-12 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
gcc-12 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
gcc-12-base |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-38633 |
Arbitrary file read when xinclude href has special characters |
gir1.2-rsvg-2.0 |
2.54.5+dfsg-1 |
2.54.7+dfsg-1~deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
krb5-multidev |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
krb5-multidev |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
krb5-multidev |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
krb5-multidev |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libasan8 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libatomic1 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-45866 |
bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands executi |
libbluetooth-dev |
5.66-1 |
5.66-1+deb12u1 |
| MEDIUM |
CVE-2023-45866 |
bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands executi |
libbluetooth3 |
5.66-1 |
5.66-1+deb12u1 |
| MEDIUM |
CVE-2023-4527 |
glibc: Stack read overflow in getaddrinfo in no-aaaa mode |
libc-bin |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc-bin |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-6780 |
glibc: integer overflow in __vsyslog_internal() |
libc-bin |
2.36-9 |
2.36-9+deb12u4 |
| MEDIUM |
CVE-2023-4527 |
glibc: Stack read overflow in getaddrinfo in no-aaaa mode |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-6780 |
glibc: integer overflow in __vsyslog_internal() |
libc-dev-bin |
2.36-9 |
2.36-9+deb12u4 |
| MEDIUM |
CVE-2023-4527 |
glibc: Stack read overflow in getaddrinfo in no-aaaa mode |
libc6 |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc6 |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-6780 |
glibc: integer overflow in __vsyslog_internal() |
libc6 |
2.36-9 |
2.36-9+deb12u4 |
| MEDIUM |
CVE-2023-4527 |
glibc: Stack read overflow in getaddrinfo in no-aaaa mode |
libc6-dev |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc6-dev |
2.36-9 |
2.36-9+deb12u3 |
| MEDIUM |
CVE-2023-6780 |
glibc: integer overflow in __vsyslog_internal() |
libc6-dev |
2.36-9 |
2.36-9+deb12u4 |
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libcc1-0 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46219 |
curl: excessively long file name may lead to unknown HSTS status |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46219 |
curl: excessively long file name may lead to unknown HSTS status |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-46219 |
curl: excessively long file name may lead to unknown HSTS status |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u5 |
| MEDIUM |
CVE-2023-32570 |
VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that ca ... |
libdav1d6 |
1.0.0-2 |
|
| MEDIUM |
CVE-2023-27102 |
Libde265 v1.0.11 was discovered to contain a segmentation violation vi ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u1 |
| MEDIUM |
CVE-2023-47471 |
Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a ... |
libde265-0 |
1.0.11-1 |
1.0.11-1+deb12u1 |
| MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre-dev |
3.5.28-2+b1 |
|
| MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre-dev |
3.5.28-2+b1 |
|
| MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre-text |
3.5.28-2 |
|
| MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre-text |
3.5.28-2 |
|
| MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre21 |
3.5.28-2+b1 |
|
| MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre21 |
3.5.28-2+b1 |
|
| MEDIUM |
CVE-2023-52426 |
expat: recursive XML entity expansion vulnerability |
libexpat1 |
2.5.0-1 |
|
| MEDIUM |
CVE-2023-52426 |
expat: recursive XML entity expansion vulnerability |
libexpat1-dev |
2.5.0-1 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgcc-12-dev |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgcc-s1 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutls30 |
3.7.9-2 |
3.7.9-2+deb12u1 |
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgomp1 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libgssapi-krb5-2 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libgssapi-krb5-2 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssapi-krb5-2 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssapi-krb5-2 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libgssrpc4 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libgssrpc4 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssrpc4 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssrpc4 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-29659 |
A Segmentation fault caused by a floating point exception exists in li ... |
libheif1 |
1.15.1-1 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libitm1 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libk5crypto3 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libk5crypto3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libk5crypto3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libk5crypto3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkadm5clnt-mit12 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkadm5clnt-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5clnt-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5clnt-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkadm5srv-mit12 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkadm5srv-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5srv-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5srv-mit12 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkdb5-10 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkdb5-10 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkdb5-10 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkdb5-10 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5-3 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5-3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-3 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5-dev |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5-dev |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-dev |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-dev |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5support0 |
1.20.1-2 |
1.20.1-2+deb12u1 |
| MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5support0 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5support0 |
1.20.1-2 |
|
| MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5support0 |
1.20.1-2 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
liblsan0 |
12.2.0-14 |
|
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-1115 |
ImageMagick: heap-buffer-overflow in PushShortPixel of quantum-private.h |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-1906 |
ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-3428 |
heap-buffer-overflow in coders/tiff.c |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
8:6.9.11.60+dfsg-1.6+deb12u1 |
| MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb-dev |
1:10.11.3-1 |
1:10.11.6-0+deb12u1 |
| MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb-dev-compat |
1:10.11.3-1 |
1:10.11.6-0+deb12u1 |
| MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb3 |
1:10.11.3-1 |
1:10.11.6-0+deb12u1 |
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses-dev |
6.4-4 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses5-dev |
6.4-4 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses6 |
6.4-4 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncursesw5-dev |
6.4-4 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncursesw6 |
6.4-4 |
|
| MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-modules |
1.5.2-6 |
|
| MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-modules-bin |
1.5.2-6 |
|
| MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-runtime |
1.5.2-6 |
|
| MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam0g |
1.5.2-6 |
|
| MEDIUM |
CVE-2023-39418 |
postgresql: MERGE fails to enforce UPDATE or SELECT row security policies |
libpq-dev |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-5868 |
postgresql: Memory disclosure in aggregate function calls |
libpq-dev |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-5870 |
postgresql: Role pg_signal_backend can signal certain superuser processes. |
libpq-dev |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-39418 |
postgresql: MERGE fails to enforce UPDATE or SELECT row security policies |
libpq5 |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-5868 |
postgresql: Memory disclosure in aggregate function calls |
libpq5 |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-5870 |
postgresql: Role pg_signal_backend can signal certain superuser processes. |
libpq5 |
15.3-0+deb12u1 |
15.5-0+deb12u1 |
| MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython3.11-minimal |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython3.11-minimal |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython3.11-stdlib |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython3.11-stdlib |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libquadmath0 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-38633 |
Arbitrary file read when xinclude href has special characters |
librsvg2-2 |
2.54.5+dfsg-1 |
2.54.7+dfsg-1~deb12u1 |
| MEDIUM |
CVE-2023-38633 |
Arbitrary file read when xinclude href has special characters |
librsvg2-common |
2.54.5+dfsg-1 |
2.54.7+dfsg-1~deb12u1 |
| MEDIUM |
CVE-2023-38633 |
Arbitrary file read when xinclude href has special characters |
librsvg2-dev |
2.54.5+dfsg-1 |
2.54.7+dfsg-1~deb12u1 |
| MEDIUM |
CVE-2024-0232 |
sqlite: use-after-free bug in jsonParseAddNodeArray |
libsqlite3-0 |
3.40.1-2 |
|
| MEDIUM |
CVE-2024-0232 |
sqlite: use-after-free bug in jsonParseAddNodeArray |
libsqlite3-dev |
3.40.1-2 |
|
| MEDIUM |
CVE-2023-2975 |
openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data |
libssl-dev |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
libssl-dev |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
libssl-dev |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
libssl-dev |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6129 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC |
libssl-dev |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6237 |
openssl: Excessive time spent checking invalid RSA public keys |
libssl-dev |
3.0.9-1 |
|
| MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
libssl-dev |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-2975 |
openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data |
libssl3 |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
libssl3 |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
libssl3 |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
libssl3 |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6129 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC |
libssl3 |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6237 |
openssl: Excessive time spent checking invalid RSA public keys |
libssl3 |
3.0.9-1 |
|
| MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
libssl3 |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libstdc++-12-dev |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libstdc++6 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-7008 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
libsystemd0 |
252.6-1 |
252.21-1~deb12u1 |
| MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiff-dev |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiff-dev |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiff-dev |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiff-dev |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiff6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiff6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiff6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiff6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiffxx6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiffxx6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiffxx6 |
4.5.0-6 |
4.5.0-6+deb12u1 |
| MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiffxx6 |
4.5.0-6 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libtinfo6 |
6.4-4 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libtsan2 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libubsan1 |
12.2.0-14 |
|
| MEDIUM |
CVE-2023-7008 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
libudev1 |
252.6-1 |
252.21-1~deb12u1 |
| MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-6 |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-6 |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-data |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-data |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-dev |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-dev |
2:1.8.4-2 |
2:1.8.4-2+deb12u2 |
| MEDIUM |
CVE-2023-39615 |
libxml2: crafted xml can cause global buffer overflow |
libxml2 |
2.9.14+dfsg-1.2 |
|
| MEDIUM |
CVE-2023-45322 |
libxml2: use-after-free in xmlUnlinkNode() in tree.c |
libxml2 |
2.9.14+dfsg-1.2 |
|
| MEDIUM |
CVE-2023-39615 |
libxml2: crafted xml can cause global buffer overflow |
libxml2-dev |
2.9.14+dfsg-1.2 |
|
| MEDIUM |
CVE-2023-45322 |
libxml2: use-after-free in xmlUnlinkNode() in tree.c |
libxml2-dev |
2.9.14+dfsg-1.2 |
|
| MEDIUM |
CVE-2019-15213 |
kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2019-16089 |
Improper return check in nbd_genl_status function in drivers/block/nbd.c |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2019-20794 |
kernel: task processes not being properly ended could lead to resource exhaustion |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2020-14304 |
ethtool when reading eeprom of device could lead to memory leak |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2020-36694 |
use-after-free in the packet processing context |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2022-40982 |
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.38-4 |
| MEDIUM |
CVE-2022-4543 |
kernel: KASLR Prefetch Bypass Breaks KPTI |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-0160 |
possibility of deadlock in libbpf function sock_hash_delete_elem |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-0597 |
kernel: x86/mm: Randomize per-cpu entry area |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-1192 |
kernel: use-after-free in smb2_is_status_io_timeout() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-1193 |
use-after-free in setup_async_work() |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-1206 |
kernel: hash collisions in the IPv6 connection lookup table |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-20569 |
hw amd: Return Address Predictor vulnerability leading to information disclosure |
linux-libc-dev |
6.1.27-1 |
6.1.38-4 |
| MEDIUM |
CVE-2023-20588 |
division-by-zero may resulting in loss of confidentiality |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-20593 |
hw: amd: Cross-Process Information Leak |
linux-libc-dev |
6.1.27-1 |
6.1.38-2 |
| MEDIUM |
CVE-2023-21264 |
In multiple functions of mem_protect.c, there is a possible way to acc ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-2269 |
kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| MEDIUM |
CVE-2023-23005 |
kernel: incorrect check for error case in the memory_tier_init |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-2430 |
kernel: missing lock in io_uring/msg_ring.c for IOPOLL in io_uring cause denial of service |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-2898 |
A null-ptr-deref bug in f2fs_write_end_io in fs/f2fs/data.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-31082 |
kernel: sleeping function called from an invalid context in gsmld_write |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-31083 |
kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-31084 |
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| MEDIUM |
CVE-2023-3212 |
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| MEDIUM |
CVE-2023-3397 |
slab-use-after-free Write in txEnd due to race condition |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-34324 |
Closing of an event channel in the Linux kernel can result in a deadlo ... |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-37453 |
kernel: usb: out-of-bounds read in read_descriptors |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-37454 |
kernel: udf: use-after-free write in udf_close_lvid |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-3772 |
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-3773 |
kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-3863 |
use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-3865 |
[ksmbd: fix out-of-bound read in smb2_write] |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| MEDIUM |
CVE-2023-3866 |
[ksmbd: validate session id and tree id in the compound request] |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| MEDIUM |
CVE-2023-3867 |
[ksmbd: add missing compound request handing in some commands] |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-39189 |
kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one() |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-39192 |
kernel: netfilter: xtables out-of-bounds read in u32_match_it() |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-39193 |
kernel: netfilter: xtables sctp out-of-bounds read in match_flags() |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-39194 |
kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-39198 |
kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-4010 |
kernel: usb: hcd: malformed USB descriptor leads to infinite loop in usb_giveback_urb() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-4132 |
kernel: smsusb: use-after-free caused by do_submit_urb() |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-4133 |
kernel: cxgb4: use-after-free in ch_flower_stats_cb() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-4155 |
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-4194 |
kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-4273 |
kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-42752 |
kernel: integer overflow in igmpv3_newpack leading to exploitable memory access |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-42754 |
kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach() |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-42755 |
kernel: rsvp: out-of-bounds read in rsvp_classify() |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-42756 |
kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-4569 |
kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2023-46343 |
kernel: NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-46862 |
kernel: NULL pointer dereference vulnerability in io_uring_show_fdinfo |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-47233 |
kernel: Use after free in brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm8 |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-50431 |
kernel: information leak in sec_attest_info |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-5090 |
kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2a |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-5158 |
Possible DOS from guest to host invringh_kiov_advance in vhost driver at drivers/vhost/vringh.c |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-5197 |
kernel: netfilter: nf_tables: use-after-free due to addition and removal of rules from chain binding |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-52340 |
kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52429 |
kernel: missing check for struct in dm-table.c can cause a crash |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-52434 |
kernel: smb: client: fix potential OOBs in smb2_parse_contexts() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-52435 |
kernel: net: prevent mss overflow in skb_segment() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-52436 |
kernel: f2fs: explicitly null-terminate the xattr list |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52447 |
kernel: bpf: Defer the free of inner map when necessary |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52448 |
kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52451 |
kernel: powerpc: Fix access beyond end of drmem array |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52452 |
kernel: bpf: Fix accesses to uninit stack slots |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-52454 |
kernel: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52456 |
kernel: imx: fix tx statemachine deadlock |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52458 |
kernel: block: add check that partition length needs to be aligned with block size |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52462 |
kernel: bpf: fix check for attempt to corrupt spilled pointer |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52463 |
kernel: efivarfs: force RO when remounting if SetVariable is not supported |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52467 |
kernel:null pointer dereference in of_syscon_register() |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52469 |
kernel: use-after-free in kv_parse_power_table |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-52470 |
kernel: null-ptr-deref in alloc_workqueue |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-6039 |
kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-6121 |
kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2023-6176 |
kernel: local dos vulnerability in scatterwalk_copychunks |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| MEDIUM |
CVE-2023-6240 |
kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-6622 |
kernel: null pointer dereference vulnerability in nft_dynset_init() |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| MEDIUM |
CVE-2023-6915 |
kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2023-7042 |
kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-0193 |
kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation |
linux-libc-dev |
6.1.27-1 |
6.1.69-1 |
| MEDIUM |
CVE-2024-0340 |
kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-0564 |
kernel: max page sharing of Kernel Samepage Merging (KSM) may cause memory deduplication |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-0607 |
kernel: nf_tables: pointer math issue in nft_byteorder_eval() |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2024-0639 |
kernel: potential deadlock on &net->sctp.addr_wq_lock leading to DOS |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| MEDIUM |
CVE-2024-0641 |
kernel: deadlock leading to denial of service in tipc_crypto_key_revoke |
linux-libc-dev |
6.1.27-1 |
6.1.64-1 |
| MEDIUM |
CVE-2024-1151 |
kernel: stack overflow problem in Open vSwitch kernel module leading to DoS |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-22099 |
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-22386 |
A race condition was found in the Linux kernel's drm/exynos device dri ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-23196 |
kernel: Race condition in snd_hdac_regmap_sync() in sound/hda |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-23848 |
kernel: use-after-free in cec_queue_msg_fh |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-23849 |
kernel: off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds ac |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2024-23850 |
kernel: btrfs_get_root_ref has an assertion failure and crash because a subvolume can be read out to |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-23851 |
kernel: copy_params can attempt to allocate more than INT_MAX bytes and crash |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24855 |
kernel: Race condition in lpfc_unregister_fcf_rescan() in scsi/lpfc/lpfc_hbadisc.c |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24857 |
kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24858 |
kernel: net/bluetooth: race condition in {conn,adv}_{min,max}_interval_set() function |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24859 |
A race condition was found in the Linux kernel's net/bluetooth in snif ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24860 |
A race condition was found in the Linux kernel's bluetooth device driv ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24861 |
A race condition was found in the Linux kernel's media/xc4000 device d ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-24864 |
A race condition was found in the Linux kernel's media/dvb-core in dvb ... |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-25739 |
kernel: crash due to a missing check for leb_size |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-25740 |
kernel: memory leak in ubi driver |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-25741 |
kernel: f_printer: crash leading to denial of service |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26583 |
kernel: tls: race between async notify and socket close |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26584 |
kernel: tls: handle backlogging of crypto requests |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26585 |
kernel: tls: race between tx work scheduling and socket close |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26586 |
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26591 |
kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2024-26593 |
kernel: i2c: i801: Fix block process call transactions |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26595 |
kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26598 |
kernel: kvm: Avoid potential UAF in LPI translation cache |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2024-26599 |
kernel: pwm: Fix out-of-bounds access in of_pwm_single_xlate() |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| MEDIUM |
CVE-2024-26600 |
kernel: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26601 |
kernel: ext4: regenerate buddy after block freeing failed if under fc replay |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26603 |
kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2024-26605 |
kernel: PCI/ASPM: Fix deadlock when enabling ASPM |
linux-libc-dev |
6.1.27-1 |
|
| MEDIUM |
CVE-2023-4641 |
shadow-utils: possible password leak during passwd(1) change |
login |
1:4.13+dfsg1-1+b1 |
|
| MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
mariadb-common |
1:10.11.3-1 |
1:10.11.6-0+deb12u1 |
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
ncurses-base |
6.4-4 |
|
| MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
ncurses-bin |
6.4-4 |
|
| MEDIUM |
CVE-2023-48795 |
ssh: Prefix truncation attack on Binary Packet Protocol (BPP) |
openssh-client |
1:9.2p1-2 |
1:9.2p1-2+deb12u2 |
| MEDIUM |
CVE-2023-51384 |
openssh: destination constraints only apply to first PKCS#11 key |
openssh-client |
1:9.2p1-2 |
1:9.2p1-2+deb12u2 |
| MEDIUM |
CVE-2023-51385 |
openssh: potential command injection via shell metacharacters |
openssh-client |
1:9.2p1-2 |
1:9.2p1-2+deb12u2 |
| MEDIUM |
CVE-2023-2975 |
openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data |
openssl |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
openssl |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
openssl |
3.0.9-1 |
3.0.10-1~deb12u1 |
| MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
openssl |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6129 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC |
openssl |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-6237 |
openssl: Excessive time spent checking invalid RSA public keys |
openssl |
3.0.9-1 |
|
| MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
openssl |
3.0.9-1 |
|
| MEDIUM |
CVE-2023-4641 |
shadow-utils: possible password leak during passwd(1) change |
passwd |
1:4.13+dfsg1-1+b1 |
|
| MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python3.11 |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python3.11 |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python3.11-minimal |
3.11.2-6 |
|
| MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python3.11-minimal |
3.11.2-6 |
|
| MEDIUM |
CVE-2021-31879 |
wget: authorization header disclosure on redirect |
wget |
1.21.3-1+b2 |
|
| MEDIUM |
CVE-2024-24680 |
Django: denial-of-service in intcomma template filter |
Django |
3.1.14 |
3.2.24, 4.2.10, 5.0.2 |
| MEDIUM |
CVE-2024-22195 |
jinja2: HTML attribute injection when passing user input as keys to xmlattr filter |
Jinja2 |
3.1.2 |
3.1.3 |
| MEDIUM |
CVE-2022-23491 |
python-certifi: untrusted root certificates |
certifi |
2021.10.8 |
2022.12.07 |
| MEDIUM |
CVE-2023-23931 |
python-cryptography: memory corruption via immutable objects |
cryptography |
38.0.4 |
39.0.1 |
| MEDIUM |
CVE-2023-49083 |
python-cryptography: NULL-dereference when loading PKCS7 certificates |
cryptography |
38.0.4 |
41.0.6 |
| MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
cryptography |
38.0.4 |
42.0.2 |
| MEDIUM |
CVE-2023-5752 |
pip: Mercurial configuration injectable in repo revision when installing via pip |
pip |
23.0.1 |
23.3 |
| MEDIUM |
CVE-2023-32681 |
python-requests: Unintended leak of Proxy-Authorization header |
requests |
2.26.0 |
2.31.0 |
| MEDIUM |
CVE-2023-43804 |
python-urllib3: Cookie request header isn't stripped during cross-origin redirects |
urllib3 |
1.26.16 |
2.0.6, 1.26.17 |
| MEDIUM |
CVE-2023-45803 |
urllib3: Request body not stripped after redirect from 303 status changes request method to GET |
urllib3 |
1.26.16 |
2.0.7, 1.26.18 |
| LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
apt |
2.6.1 |
|
| LOW |
TEMP-0841856-B18BAF |
[Privilege escalation possible to other user than root] |
bash |
5.2.15-2+b2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils |
2.40-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils-common |
2.40-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils-x86-64-linux-gnu |
2.40-2 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
bsdutils |
1:2.38.1-5+b1 |
|
| LOW |
CVE-2016-2781 |
coreutils: Non-privileged session can escape to the parent session in chroot |
coreutils |
9.1-1 |
|
| LOW |
CVE-2017-18018 |
coreutils: race condition vulnerability in chown and chgrp |
coreutils |
9.1-1 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
cpp-12 |
12.2.0-14 |
|
| LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
curl |
7.88.1-10 |
7.88.1-10+deb12u4 |
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
dirmngr |
2.2.40-1.1 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
g++-12 |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
gcc-12 |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
gcc-12-base |
12.2.0-14 |
|
| LOW |
CVE-2018-1000021 |
git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t |
git |
1:2.39.2-1.1 |
|
| LOW |
CVE-2022-24975 |
git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" |
git |
1:2.39.2-1.1 |
|
| LOW |
CVE-2023-25815 |
git: malicious placement of crafted messages when git was compiled with runtime prefix |
git |
1:2.39.2-1.1 |
|
| LOW |
CVE-2018-1000021 |
git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t |
git-man |
1:2.39.2-1.1 |
|
| LOW |
CVE-2022-24975 |
git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" |
git-man |
1:2.39.2-1.1 |
|
| LOW |
CVE-2023-25815 |
git: malicious placement of crafted messages when git was compiled with runtime prefix |
git-man |
1:2.39.2-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg-l10n |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg-utils |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-agent |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-wks-client |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-wks-server |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgconf |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgsm |
2.2.40-1.1 |
|
| LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgv |
2.2.40-1.1 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick-6-common |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick-6.q16 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
krb5-multidev |
1.20.1-2 |
|
| LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
libapt-pkg6.0 |
2.6.1 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libasan8 |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libatomic1 |
12.2.0-14 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
libbinutils |
2.40-2 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libblkid-dev |
2.38.1-5+b1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libblkid1 |
2.38.1-5+b1 |
|
| LOW |
CVE-2016-9797 |
buffer over-read in l2cap_dump() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9798 |
use-after-free in conf_opt() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9799 |
bluez: buffer overflow in pklg_read_hci() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9800 |
buffer overflow in pin_code_reply_dump() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9801 |
buffer overflow in set_ext_ctrl() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9802 |
bluez: buffer over-read in l2cap_packet() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9803 |
bluez: out-of-bounds read in le_meta_ev_dump() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9804 |
bluez: buffer overflow in commands_dump() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9917 |
Heap-based buffer overflow vulnerability in read_n() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9918 |
Out of bounds stack read in packet_hexdump() |
libbluetooth-dev |
5.66-1 |
|
| LOW |
CVE-2016-9797 |
buffer over-read in l2cap_dump() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9798 |
use-after-free in conf_opt() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9799 |
bluez: buffer overflow in pklg_read_hci() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9800 |
buffer overflow in pin_code_reply_dump() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9801 |
buffer overflow in set_ext_ctrl() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9802 |
bluez: buffer over-read in l2cap_packet() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9803 |
bluez: out-of-bounds read in le_meta_ev_dump() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9804 |
bluez: buffer overflow in commands_dump() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9917 |
Heap-based buffer overflow vulnerability in read_n() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2016-9918 |
Out of bounds stack read in packet_hexdump() |
libbluetooth3 |
5.66-1 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.36-9 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.36-9 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6 |
2.36-9 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.36-9 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6 |
2.36-9 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6 |
2.36-9 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6 |
2.36-9 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6 |
2.36-9 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.36-9 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.36-9 |
|
| LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo-gobject2 |
1.16.0-7 |
|
| LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo-gobject2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo-gobject2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo-gobject2 |
1.16.0-7 |
|
| LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo-script-interpreter2 |
1.16.0-7 |
|
| LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo-script-interpreter2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo-script-interpreter2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo-script-interpreter2 |
1.16.0-7 |
|
| LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo2 |
1.16.0-7 |
|
| LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo2 |
1.16.0-7 |
|
| LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo2 |
1.16.0-7 |
|
| LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo2-dev |
1.16.0-7 |
|
| LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo2-dev |
1.16.0-7 |
|
| LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo2-dev |
1.16.0-7 |
|
| LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo2-dev |
1.16.0-7 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libcc1-0 |
12.2.0-14 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
libctf-nobfd0 |
2.40-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
libctf0 |
2.40-2 |
|
| LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u4 |
| LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u4 |
| LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u4 |
| LOW |
CVE-2024-25260 |
elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname. |
libelf1 |
0.188-2.1 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libgcc-12-dev |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libgcc-s1 |
12.2.0-14 |
|
| LOW |
CVE-2018-6829 |
libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintex |
libgcrypt20 |
1.10.1-3 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-0 |
2.74.6-2 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-bin |
2.74.6-2 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-data |
2.74.6-2 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-dev |
2.74.6-2 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-dev-bin |
2.74.6-2 |
|
| LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls30 |
3.7.9-2 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libgomp1 |
12.2.0-14 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
libgprofng0 |
2.40-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libgssapi-krb5-2 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libgssrpc4 |
1.20.1-2 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libitm1 |
12.2.0-14 |
|
| LOW |
CVE-2020-36325 |
jansson: out-of-bounds read in json_loads() due to a parsing error |
libjansson4 |
2.14-2 |
|
| LOW |
CVE-2017-9937 |
libtiff: memory malloc failure in tif_jbig.c could cause DOS. |
libjbig-dev |
2.1-6.1 |
|
| LOW |
CVE-2017-9937 |
libtiff: memory malloc failure in tif_jbig.c could cause DOS. |
libjbig0 |
2.1-6.1 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libk5crypto3 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkadm5clnt-mit12 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkadm5srv-mit12 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkdb5-10 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5-3 |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5-dev |
1.20.1-2 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5support0 |
1.20.1-2 |
|
| LOW |
CVE-2015-3276 |
incorrect multi-keyword mode cipherstring parsing |
libldap-2.5-0 |
2.5.13+dfsg-5 |
|
| LOW |
CVE-2017-14159 |
openldap: Privilege escalation via PID file manipulation |
libldap-2.5-0 |
2.5.13+dfsg-5 |
|
| LOW |
CVE-2017-17740 |
openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers |
libldap-2.5-0 |
2.5.13+dfsg-5 |
|
| LOW |
CVE-2020-15719 |
openldap: Certificate validation incorrectly matches name against CN-ID |
libldap-2.5-0 |
2.5.13+dfsg-5 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
liblsan0 |
12.2.0-14 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6-arch-config |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-6-extra |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6-headers |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6.q16-6 |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6.q16-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-dev |
8:6.9.11.60+dfsg-1.6 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libmount-dev |
2.38.1-5+b1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libmount1 |
2.38.1-5+b1 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses-dev |
6.4-4 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses5-dev |
6.4-4 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses6 |
6.4-4 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncursesw5-dev |
6.4-4 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncursesw6 |
6.4-4 |
|
| LOW |
CVE-2017-14988 |
OpenEXR: Excessive memory allocation in Header::readfrom |
libopenexr-3-1-30 |
3.1.5-5 |
|
| LOW |
CVE-2021-26945 |
DeepTiledInputPart> |
libopenexr-3-1-30 |
3.1.5-5 |
|
| LOW |
CVE-2017-14988 |
OpenEXR: Excessive memory allocation in Header::readfrom |
libopenexr-dev |
3.1.5-5 |
|
| LOW |
CVE-2021-26945 |
DeepTiledInputPart> |
libopenexr-dev |
3.1.5-5 |
|
| LOW |
CVE-2016-10505 |
NULL pointer dereference in imagetopnm function in convert.c |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-10506 |
Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9113 |
CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security i |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9114 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9115 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9116 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9117 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9580 |
Integer overflow in tiftoimage causes heap buffer overflow |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-9581 |
Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2017-17479 |
openjpeg: Stack-buffer overflow in the pgxtoimage function |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2018-16375 |
openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2018-16376 |
openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2018-20846 |
openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2019-6988 |
openjpeg: DoS via memory exhaustion in opj_decompress |
libopenjp2-7 |
2.5.0-2 |
|
| LOW |
CVE-2016-10505 |
NULL pointer dereference in imagetopnm function in convert.c |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-10506 |
Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9113 |
CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security i |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9114 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9115 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9116 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9117 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9580 |
Integer overflow in tiftoimage causes heap buffer overflow |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2016-9581 |
Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2017-17479 |
openjpeg: Stack-buffer overflow in the pgxtoimage function |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2018-16375 |
openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2018-16376 |
openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2018-20846 |
openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2019-6988 |
openjpeg: DoS via memory exhaustion in opj_decompress |
libopenjp2-7-dev |
2.5.0-2 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
libperl5.36 |
5.36.0-7 |
|
| LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
libperl5.36 |
5.36.0-7 |
|
| LOW |
CVE-2023-37769 |
stress-test master commit e4c878 was discovered to contain a FPE vulne ... |
libpixman-1-0 |
0.42.2-1 |
|
| LOW |
CVE-2023-37769 |
stress-test master commit e4c878 was discovered to contain a FPE vulne ... |
libpixman-1-dev |
0.42.2-1 |
|
| LOW |
CVE-2021-4214 |
libpng: hardcoded value leads to heap-overflow |
libpng-dev |
1.6.39-2 |
|
| LOW |
CVE-2021-4214 |
libpng: hardcoded value leads to heap-overflow |
libpng16-16 |
1.6.39-2 |
|
| LOW |
CVE-2023-4016 |
procps: ps buffer overflow |
libproc2-0 |
2:4.0.2-3 |
|
| LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython3.11-minimal |
3.11.2-6 |
|
| LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython3.11-stdlib |
3.11.2-6 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libquadmath0 |
12.2.0-14 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libsmartcols1 |
2.38.1-5+b1 |
|
| LOW |
CVE-2021-45346 |
sqlite: crafted SQL query allows a malicious user to obtain sensitive information |
libsqlite3-0 |
3.40.1-2 |
|
| LOW |
CVE-2021-45346 |
sqlite: crafted SQL query allows a malicious user to obtain sensitive information |
libsqlite3-dev |
3.40.1-2 |
|
| LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
libssl-dev |
3.0.9-1 |
|
| LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
libssl-dev |
3.0.9-1 |
|
| LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
libssl3 |
3.0.9-1 |
|
| LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
libssl3 |
3.0.9-1 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libstdc++-12-dev |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libstdc++6 |
12.2.0-14 |
|
| LOW |
CVE-2013-4392 |
TOCTOU race condition when updating file permissions and SELinux security contexts |
libsystemd0 |
252.6-1 |
|
| LOW |
CVE-2023-31437 |
An issue was discovered in systemd 253. An attacker can modify a seale ... |
libsystemd0 |
252.6-1 |
|
| LOW |
CVE-2023-31438 |
An issue was discovered in systemd 253. An attacker can truncate a sea ... |
libsystemd0 |
252.6-1 |
|
| LOW |
CVE-2023-31439 |
An issue was discovered in systemd 253. An attacker can modify the con ... |
libsystemd0 |
252.6-1 |
|
| LOW |
CVE-2021-35331 |
In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ... |
libtcl8.6 |
8.6.13+dfsg-2 |
|
| LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiff-dev |
4.5.0-6 |
|
| LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiff6 |
4.5.0-6 |
|
| LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiffxx6 |
4.5.0-6 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libtinfo6 |
6.4-4 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libtsan2 |
12.2.0-14 |
|
| LOW |
CVE-2022-27943 |
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const |
libubsan1 |
12.2.0-14 |
|
| LOW |
CVE-2013-4392 |
TOCTOU race condition when updating file permissions and SELinux security contexts |
libudev1 |
252.6-1 |
|
| LOW |
CVE-2023-31437 |
An issue was discovered in systemd 253. An attacker can modify a seale ... |
libudev1 |
252.6-1 |
|
| LOW |
CVE-2023-31438 |
An issue was discovered in systemd 253. An attacker can truncate a sea ... |
libudev1 |
252.6-1 |
|
| LOW |
CVE-2023-31439 |
An issue was discovered in systemd 253. An attacker can modify the con ... |
libudev1 |
252.6-1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libuuid1 |
2.38.1-5+b1 |
|
| LOW |
CVE-2007-3476 |
libgd Denial of service by corrupted GIF images |
libwmf-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3477 |
gd: arc drawing functions can consume large amount of CPU time |
libwmf-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3996 |
php multiple integer overflows in gd |
libwmf-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2009-3546 |
gd: insufficient input validation in _gdGetColors() |
libwmf-0.2-7 |
0.2.12-5.1 |
|
| LOW |
TEMP-0601525-BEBB65 |
[libgd2: gdImageColorTransparent can write outside buffer] |
libwmf-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3476 |
libgd Denial of service by corrupted GIF images |
libwmf-dev |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3477 |
gd: arc drawing functions can consume large amount of CPU time |
libwmf-dev |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3996 |
php multiple integer overflows in gd |
libwmf-dev |
0.2.12-5.1 |
|
| LOW |
CVE-2009-3546 |
gd: insufficient input validation in _gdGetColors() |
libwmf-dev |
0.2.12-5.1 |
|
| LOW |
TEMP-0601525-BEBB65 |
[libgd2: gdImageColorTransparent can write outside buffer] |
libwmf-dev |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3476 |
libgd Denial of service by corrupted GIF images |
libwmflite-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3477 |
gd: arc drawing functions can consume large amount of CPU time |
libwmflite-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2007-3996 |
php multiple integer overflows in gd |
libwmflite-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2009-3546 |
gd: insufficient input validation in _gdGetColors() |
libwmflite-0.2-7 |
0.2.12-5.1 |
|
| LOW |
TEMP-0601525-BEBB65 |
[libgd2: gdImageColorTransparent can write outside buffer] |
libwmflite-0.2-7 |
0.2.12-5.1 |
|
| LOW |
CVE-2015-9019 |
libxslt: math.random() in xslt uses unseeded randomness |
libxslt1-dev |
1.1.35-1 |
|
| LOW |
CVE-2015-9019 |
libxslt: math.random() in xslt uses unseeded randomness |
libxslt1.1 |
1.1.35-1 |
|
| LOW |
CVE-2004-0230 |
TCP, when using a large Window Size, makes it easier for remote attack ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2005-3660 |
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2007-3719 |
kernel: secretly Monopolizing the CPU Without Superuser Privileges |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2008-2544 |
kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount i |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2008-4609 |
kernel: TCP protocol vulnerabilities from Outpost24 |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2010-4563 |
kernel: ipv6: sniffer detection |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2010-5321 |
kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2011-4915 |
fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2011-4916 |
Linux kernel through 3.1 allows local users to obtain sensitive keystr ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2011-4917 |
In the Linux kernel through 3.1 there is an information disclosure iss ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2012-4542 |
default SCSI command filter does not accomodate commands overlap across device classes |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2014-9892 |
The snd_compr_tstamp function in sound/core/compress_offload.c in the ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2014-9900 |
kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2015-2877 |
Kernel: Cross-VM ASL INtrospection (CAIN) |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2016-10723 |
An issue was discovered in the Linux kernel through 4.17.2. Since the ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2016-8660 |
kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2017-0630 |
kernel: Information disclosure vulnerability in kernel trace subsystem |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2017-13693 |
kernel: ACPI operand cache leak in dsutils.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2017-13694 |
kernel: ACPI node and node_ext cache leak |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2018-1121 |
procps-ng, procps: process hiding through race condition enumerating /proc |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2018-12928 |
kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2018-17977 |
kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP pack |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-11191 |
kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out progr |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12378 |
kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12379 |
kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12380 |
memory allocation failure in the efi subsystem leads to denial of service |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12381 |
kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12382 |
unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12455 |
null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing denial of |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-12456 |
kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl. |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16229 |
null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16230 |
null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16231 |
null-pointer dereference in drivers/net/fjes/fjes_main.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16232 |
null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16233 |
null pointer dereference in drivers/scsi/qla2xxx/qla_os.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-16234 |
null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-19070 |
kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2019-19378 |
out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2020-11725 |
kernel: improper handling of private_size*count multiplication due to count=info->owner typo |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2020-35501 |
kernel: audit not logging access to syscall open_by_handle_at for users with CAP_DAC_READ_SEARCH cap |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2021-26934 |
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2021-3714 |
kernel: Remote Page Deduplication Attacks |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-0400 |
Out of bounds read in the smc protocol stack |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-1247 |
A race condition bug in rose_connect() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-25265 |
kernel: Executable Space Protection Bypass |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-2961 |
race condition in rose_bind() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-3238 |
ntfs3 local privledge escalation if NTFS character set and remount and umount called simultaneously |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-41848 |
Race condition between mgslpc_ioctl and mgslpc_detach |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-44032 |
Race between cmm_open() and cm4000_detach() result in UAF |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-44033 |
A race condition between cm4040_open() and reader_detach() may result in UAF |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-44034 |
A use-after-free due to race between scr24x_open() and scr24x_remove() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-45884 |
kernel: use-after-free due to race condition occurring in dvb_register_device() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-45885 |
kernel: use-after-free due to race condition occurring in dvb_frontend.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-45886 |
kernel: use-after-free due to race condition occurring in dvb_net.c |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2022-45887 |
kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2022-45888 |
kernel: use-after-free due to race condition in drivers/char/xillybus/xillyusb.c |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2022-45919 |
kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2022-48425 |
invalid kfree in fs/ntfs3/inode.c |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2022-48502 |
ntfs3 subsystem does not properly check for correctness during disk reads |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| LOW |
CVE-2023-23039 |
kernel: tty: vcc: race condition leading to use-after-free in vcc_open() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-26242 |
afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-31081 |
An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_brid ... |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-31085 |
kernel: divide-by-zero error in ctrl_cdev_ioctl when do_div happens and erasesize is 0 |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-3141 |
kernel: Use after free bug in r592_remove |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-34256 |
Out of bounds read in crc16 in lib/crc16.c |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-35823 |
kernel: saa7134: race condition leading to use-after-free in saa7134_finidev() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-35824 |
kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-35826 |
race condition leading to use-after-free in cedrus_remove() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-35828 |
race condition leading to use-after-free in renesas_usb3_remove() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-35829 |
race condition leading to use-after-free in rkvdec_remove() |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-39191 |
kernel: eBPF: insufficient stack type checks in dynptr |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-4134 |
use-after-free in cyttsp4_watchdog_work() |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2023-52445 |
kernel: pvrusb2: fix use after free on context disconnection |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| LOW |
CVE-2023-52474 |
kernel: non-PAGE_SIZE-end multi-iovec user SDMA requests |
linux-libc-dev |
6.1.27-1 |
6.1.37-1 |
| LOW |
CVE-2023-6610 |
kernel: OOB Access in smb2_dump_detail |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| LOW |
CVE-2024-26606 |
kernel: signal epoll threads of self-work |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
TEMP-0000000-F7A20F |
[Kernel: Unprivileged user can freeze journald] |
linux-libc-dev |
6.1.27-1 |
|
| LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
login |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
login |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2023-29383 |
Improper input validation in shadow-utils package utility chfn |
login |
1:4.13+dfsg1-1+b1 |
|
| LOW |
TEMP-0628843-DBAD28 |
[more related to CVE-2005-4890] |
login |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2008-1687 |
m4: unquoted output of maketemp and mkstemp |
m4 |
1.4.19-3 |
|
| LOW |
CVE-2008-1688 |
m4: code execution via -F argument |
m4 |
1.4.19-3 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
mount |
2.38.1-5+b1 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
ncurses-base |
6.4-4 |
|
| LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
ncurses-bin |
6.4-4 |
|
| LOW |
CVE-2007-2243 |
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2007-2768 |
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2008-3234 |
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2016-20012 |
openssh: Public key information leak |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2018-15919 |
User enumeration via malformed packets in authentication requests |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2019-6110 |
openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2020-14145 |
openssh: Observable discrepancy leading to an information leak in the algorithm negotiation |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2020-15778 |
openssh: scp allows command injection when using backtick characters in the destination argument |
openssh-client |
1:9.2p1-2 |
|
| LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
openssl |
3.0.9-1 |
|
| LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
openssl |
3.0.9-1 |
|
| LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
passwd |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
passwd |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2023-29383 |
Improper input validation in shadow-utils package utility chfn |
passwd |
1:4.13+dfsg1-1+b1 |
|
| LOW |
TEMP-0628843-DBAD28 |
[more related to CVE-2005-4890] |
passwd |
1:4.13+dfsg1-1+b1 |
|
| LOW |
CVE-2010-4651 |
patch: directory traversal flaw allows for arbitrary file creation |
patch |
2.7.6-7 |
|
| LOW |
CVE-2018-6951 |
patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash |
patch |
2.7.6-7 |
|
| LOW |
CVE-2018-6952 |
patch: Double free of memory in pch.c:another_hunk() causes a crash |
patch |
2.7.6-7 |
|
| LOW |
CVE-2021-45261 |
Invalid Pointer via another_hunk function |
patch |
2.7.6-7 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl |
5.36.0-7 |
|
| LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl |
5.36.0-7 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-base |
5.36.0-7 |
|
| LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl-base |
5.36.0-7 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-modules-5.36 |
5.36.0-7 |
|
| LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl-modules-5.36 |
5.36.0-7 |
|
| LOW |
CVE-2023-4016 |
procps: ps buffer overflow |
procps |
2:4.0.2-3 |
|
| LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python3.11 |
3.11.2-6 |
|
| LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python3.11-minimal |
3.11.2-6 |
|
| LOW |
TEMP-0517018-A83CE6 |
[sysvinit: no-root option in expert installer exposes locally exploitable security flaw] |
sysvinit-utils |
3.06-4 |
|
| LOW |
CVE-2005-2541 |
tar: does not properly warn the user when extracting setuid or setgid files |
tar |
1.34+dfsg-1.2 |
|
| LOW |
CVE-2022-48303 |
heap buffer overflow at from_header() in list.c via specially crafted checksum |
tar |
1.34+dfsg-1.2 |
1.34+dfsg-1.2+deb12u1 |
| LOW |
CVE-2023-39804 |
tar: Incorrectly handled extension attributes in PAX archives can lead to a crash |
tar |
1.34+dfsg-1.2 |
1.34+dfsg-1.2+deb12u1 |
| LOW |
TEMP-0290435-0B57B5 |
[tar's rmt command may have undesired side effects] |
tar |
1.34+dfsg-1.2 |
|
| LOW |
CVE-2021-35331 |
In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ... |
tcl8.6 |
8.6.13+dfsg-2 |
|
| LOW |
CVE-2021-35331 |
In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ... |
tcl8.6-dev |
8.6.13+dfsg-2 |
|
| LOW |
CVE-2021-4217 |
unzip: Null pointer dereference in Unicode strings code |
unzip |
6.0-28 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
util-linux |
2.38.1-5+b1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
util-linux-extra |
2.38.1-5+b1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
uuid-dev |
2.38.1-5+b1 |
|
| LOW |
GHSA-5cpq-8wj7-hf2v |
Vulnerable OpenSSL included in cryptography wheels |
cryptography |
38.0.4 |
41.0.0 |
| LOW |
GHSA-jm77-qphf-c4w8 |
pyca/cryptography's wheels include vulnerable OpenSSL |
cryptography |
38.0.4 |
41.0.3 |
| LOW |
GHSA-v8gr-m533-ghj9 |
Vulnerable OpenSSL included in cryptography wheels |
cryptography |
38.0.4 |
41.0.4 |
| UNKNOWN |
DSA-5460-1 |
curl - security update |
curl |
7.88.1-10 |
7.88.1-10+deb12u1 |
| UNKNOWN |
DSA-5460-1 |
curl - security update |
libcurl3-gnutls |
7.88.1-10 |
7.88.1-10+deb12u1 |
| UNKNOWN |
DSA-5460-1 |
curl - security update |
libcurl4 |
7.88.1-10 |
7.88.1-10+deb12u1 |
| UNKNOWN |
DSA-5460-1 |
curl - security update |
libcurl4-openssl-dev |
7.88.1-10 |
7.88.1-10+deb12u1 |
| UNKNOWN |
CVE-2024-1580 |
An integer overflow in dav1d AV1 decoder that can occur when decoding ... |
libdav1d6 |
1.0.0-2 |
|
| UNKNOWN |
CVE-2023-52440 |
In the Linux kernel, the following vulnerability has been resolved: k ... |
linux-libc-dev |
6.1.27-1 |
6.1.52-1 |
| UNKNOWN |
CVE-2023-52441 |
In the Linux kernel, the following vulnerability has been resolved: k ... |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| UNKNOWN |
CVE-2023-52442 |
In the Linux kernel, the following vulnerability has been resolved: k ... |
linux-libc-dev |
6.1.27-1 |
6.1.55-1 |
| UNKNOWN |
CVE-2023-52443 |
In the Linux kernel, the following vulnerability has been resolved: a ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2023-52444 |
In the Linux kernel, the following vulnerability has been resolved: f ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2023-52457 |
In the Linux kernel, the following vulnerability has been resolved: s ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2024-26588 |
In the Linux kernel, the following vulnerability has been resolved: L ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2024-26590 |
In the Linux kernel, the following vulnerability has been resolved: e ... |
linux-libc-dev |
6.1.27-1 |
|
| UNKNOWN |
CVE-2024-26592 |
In the Linux kernel, the following vulnerability has been resolved: k ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2024-26594 |
In the Linux kernel, the following vulnerability has been resolved: k ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2024-26596 |
In the Linux kernel, the following vulnerability has been resolved: n ... |
linux-libc-dev |
6.1.27-1 |
|
| UNKNOWN |
CVE-2024-26597 |
In the Linux kernel, the following vulnerability has been resolved: n ... |
linux-libc-dev |
6.1.27-1 |
6.1.76-1 |
| UNKNOWN |
CVE-2024-26602 |
In the Linux kernel, the following vulnerability has been resolved: s ... |
linux-libc-dev |
6.1.27-1 |
|