CRITICAL |
CVE-2022-32221 |
POST following PUT confusion |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
CRITICAL |
CVE-2022-23521 |
git: gitattributes parsing integer overflow |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u7 |
CRITICAL |
CVE-2022-41903 |
git: Heap overflow in git archive , git log --format leading to RCE |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u7 |
CRITICAL |
CVE-2022-23521 |
git: gitattributes parsing integer overflow |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u7 |
CRITICAL |
CVE-2022-41903 |
git: Heap overflow in git archive , git log --format leading to RCE |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u7 |
CRITICAL |
CVE-2021-33574 |
mq_notify does not handle separately allocated thread attributes |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-35942 |
glibc: Arbitrary read in wordexp() |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23218 |
glibc: Stack-based buffer overflow in svcunix_create via long pathnames |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23219 |
glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-33574 |
mq_notify does not handle separately allocated thread attributes |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-35942 |
glibc: Arbitrary read in wordexp() |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23218 |
glibc: Stack-based buffer overflow in svcunix_create via long pathnames |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23219 |
glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-33574 |
mq_notify does not handle separately allocated thread attributes |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-35942 |
glibc: Arbitrary read in wordexp() |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23218 |
glibc: Stack-based buffer overflow in svcunix_create via long pathnames |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23219 |
glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-33574 |
mq_notify does not handle separately allocated thread attributes |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2021-35942 |
glibc: Arbitrary read in wordexp() |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23218 |
glibc: Stack-based buffer overflow in svcunix_create via long pathnames |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-23219 |
glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
CRITICAL |
CVE-2022-32221 |
POST following PUT confusion |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
CRITICAL |
CVE-2022-32221 |
POST following PUT confusion |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
CRITICAL |
CVE-2022-32221 |
POST following PUT confusion |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
CRITICAL |
CVE-2019-8457 |
heap out-of-bound read in function rtreenode() |
libdb5.3 |
5.3.28+dfsg1-0.5 |
|
CRITICAL |
CVE-2019-8457 |
heap out-of-bound read in function rtreenode() |
libdb5.3-dev |
5.3.28+dfsg1-0.5 |
|
CRITICAL |
CVE-2022-27404 |
FreeType: Buffer overflow in sfnt_init_face |
libfreetype6 |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
CRITICAL |
CVE-2022-27404 |
FreeType: Buffer overflow in sfnt_init_face |
libfreetype6-dev |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
CRITICAL |
CVE-2022-3515 |
libksba: integer overflow may lead to remote code execution |
libksba8 |
1.3.5-2 |
1.3.5-2+deb10u1 |
CRITICAL |
CVE-2022-47629 |
libksba: integer overflow to code execution |
libksba8 |
1.3.5-2 |
1.3.5-2+deb10u2 |
CRITICAL |
CVE-2022-1586 |
pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c |
libpcre2-8-0 |
10.32-5 |
10.32-5+deb10u1 |
CRITICAL |
CVE-2022-1587 |
pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c |
libpcre2-8-0 |
10.32-5 |
10.32-5+deb10u1 |
CRITICAL |
CVE-2021-3177 |
python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
CRITICAL |
CVE-2021-3177 |
python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
CRITICAL |
CVE-2022-37454 |
XKCP: buffer overflow in the SHA-3 reference implementation |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u4 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
CRITICAL |
CVE-2022-37454 |
XKCP: buffer overflow in the SHA-3 reference implementation |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u4 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
CRITICAL |
CVE-2020-35527 |
sqlite: Out of bounds access during table rename |
libsqlite3-0 |
3.27.2-3+deb10u1 |
3.27.2-3+deb10u2 |
CRITICAL |
CVE-2020-35527 |
sqlite: Out of bounds access during table rename |
libsqlite3-dev |
3.27.2-3+deb10u1 |
3.27.2-3+deb10u2 |
CRITICAL |
CVE-2022-2068 |
openssl: the c_rehash script allows command injection |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u3 |
CRITICAL |
CVE-2022-2068 |
openssl: the c_rehash script allows command injection |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u3 |
CRITICAL |
CVE-2021-46848 |
libtasn1: Out-of-bound access in ETYPE_OK |
libtasn1-6 |
4.13-3 |
4.13-3+deb10u1 |
CRITICAL |
CVE-2021-46848 |
libtasn1: Out-of-bound access in ETYPE_OK |
libtasn1-6-dev |
4.13-3 |
4.13-3+deb10u1 |
CRITICAL |
CVE-2023-25775 |
kernel: irdma: Improper access control |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
CRITICAL |
CVE-2023-38408 |
Remote code execution in ssh-agent PKCS#11 support |
openssh-client |
1:7.9p1-10+deb10u2 |
1:7.9p1-10+deb10u3 |
CRITICAL |
CVE-2022-2068 |
openssl: the c_rehash script allows command injection |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u3 |
CRITICAL |
CVE-2021-3177 |
python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
CRITICAL |
CVE-2021-3177 |
python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
CRITICAL |
CVE-2022-37454 |
XKCP: buffer overflow in the SHA-3 reference implementation |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u4 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
CRITICAL |
CVE-2022-37454 |
XKCP: buffer overflow in the SHA-3 reference implementation |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u4 |
CRITICAL |
CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
CRITICAL |
CVE-2022-37434 |
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header ext |
zlib1g |
1:1.2.11.dfsg-1+deb10u1 |
1:1.2.11.dfsg-1+deb10u2 |
CRITICAL |
CVE-2023-45853 |
zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 |
zlib1g |
1:1.2.11.dfsg-1+deb10u1 |
|
CRITICAL |
CVE-2022-37434 |
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header ext |
zlib1g-dev |
1:1.2.11.dfsg-1+deb10u1 |
1:1.2.11.dfsg-1+deb10u2 |
CRITICAL |
CVE-2023-45853 |
zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 |
zlib1g-dev |
1:1.2.11.dfsg-1+deb10u1 |
|
CRITICAL |
CVE-2023-45133 |
babel: arbitrary code execution |
@babel/traverse |
7.22.5 |
7.23.2, 8.0.0-alpha.4 |
HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
comerr-dev |
2.1-1.44.5-1+deb10u3 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
cpp-8 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
cpp-8 |
8.3.0-6 |
|
HIGH |
CVE-2021-22946 |
Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27781 |
CERTINFO never-ending busy-loop |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27782 |
TLS and SSH connection too eager reuse |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2023-27533 |
curl: TELNET option IAC injection |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
HIGH |
CVE-2023-27534 |
curl: SFTP path ~ resolving discrepancy |
curl |
7.64.0-4+deb10u2 |
|
HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
e2fsprogs |
1.44.5-1+deb10u3 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
g++-8 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
g++-8 |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
gcc-8 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
gcc-8 |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
gcc-8-base |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
gcc-8-base |
8.3.0-6 |
|
HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
gir1.2-gdkpixbuf-2.0 |
2.38.1+dfsg-1 |
|
HIGH |
CVE-2021-21300 |
git: remote code execution during clone operation on case-insensitive filesystems |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u4 |
HIGH |
CVE-2021-40330 |
git: unexpected cross-protocol requests via a repository path containing a newline character |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u4 |
HIGH |
CVE-2022-24765 |
git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2022-29187 |
git: Bypass of safe.directory protections |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2022-39260 |
git: git shell function that splits command arguments can lead to arbitrary heap writes. |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2023-23946 |
git: git apply: a path outside the working tree can be overwritten with crafted input |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u8 |
HIGH |
CVE-2023-25652 |
git: by feeding specially crafted input to git apply --reject , a path outside the working tree can |
git |
1:2.20.1-2+deb10u3 |
|
HIGH |
CVE-2023-29007 |
git: arbitrary configuration injection when renaming or deleting a section from a configuration file |
git |
1:2.20.1-2+deb10u3 |
|
HIGH |
CVE-2021-21300 |
git: remote code execution during clone operation on case-insensitive filesystems |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u4 |
HIGH |
CVE-2021-40330 |
git: unexpected cross-protocol requests via a repository path containing a newline character |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u4 |
HIGH |
CVE-2022-24765 |
git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2022-29187 |
git: Bypass of safe.directory protections |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2022-39260 |
git: git shell function that splits command arguments can lead to arbitrary heap writes. |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
HIGH |
CVE-2023-23946 |
git: git apply: a path outside the working tree can be overwritten with crafted input |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u8 |
HIGH |
CVE-2023-25652 |
git: by feeding specially crafted input to git apply --reject , a path outside the working tree can |
git-man |
1:2.20.1-2+deb10u3 |
|
HIGH |
CVE-2023-29007 |
git: arbitrary configuration injection when renaming or deleting a section from a configuration file |
git-man |
1:2.20.1-2+deb10u3 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
krb5-multidev |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libasan5 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libasan5 |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libatomic1 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libatomic1 |
8.3.0-6 |
|
HIGH |
CVE-2020-1751 |
glibc: array overflow in backtrace functions for powerpc |
libc-bin |
2.28-10+deb10u1 |
|
HIGH |
CVE-2020-1752 |
glibc: use-after-free in glob() function when expanding ~user |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-6096 |
glibc: signed comparison vulnerability in the ARMv7 memcpy function |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3326 |
glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3999 |
Off-by-one buffer overflow/underflow in getcwd() |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-1751 |
glibc: array overflow in backtrace functions for powerpc |
libc-dev-bin |
2.28-10+deb10u1 |
|
HIGH |
CVE-2020-1752 |
glibc: use-after-free in glob() function when expanding ~user |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-6096 |
glibc: signed comparison vulnerability in the ARMv7 memcpy function |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3326 |
glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3999 |
Off-by-one buffer overflow/underflow in getcwd() |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-1751 |
glibc: array overflow in backtrace functions for powerpc |
libc6 |
2.28-10+deb10u1 |
|
HIGH |
CVE-2020-1752 |
glibc: use-after-free in glob() function when expanding ~user |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-6096 |
glibc: signed comparison vulnerability in the ARMv7 memcpy function |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3326 |
glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3999 |
Off-by-one buffer overflow/underflow in getcwd() |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-1751 |
glibc: array overflow in backtrace functions for powerpc |
libc6-dev |
2.28-10+deb10u1 |
|
HIGH |
CVE-2020-1752 |
glibc: use-after-free in glob() function when expanding ~user |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2020-6096 |
glibc: signed comparison vulnerability in the ARMv7 memcpy function |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3326 |
glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2021-3999 |
Off-by-one buffer overflow/underflow in getcwd() |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libcc1-0 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libcc1-0 |
8.3.0-6 |
|
HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libcom-err2 |
1.44.5-1+deb10u3 |
|
HIGH |
CVE-2021-22946 |
Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27781 |
CERTINFO never-ending busy-loop |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27782 |
TLS and SSH connection too eager reuse |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2023-27533 |
curl: TELNET option IAC injection |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
HIGH |
CVE-2023-27534 |
curl: SFTP path ~ resolving discrepancy |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
|
HIGH |
CVE-2021-22946 |
Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27781 |
CERTINFO never-ending busy-loop |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27782 |
TLS and SSH connection too eager reuse |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2023-27533 |
curl: TELNET option IAC injection |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
HIGH |
CVE-2023-27534 |
curl: SFTP path ~ resolving discrepancy |
libcurl4 |
7.64.0-4+deb10u2 |
|
HIGH |
CVE-2021-22946 |
Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27781 |
CERTINFO never-ending busy-loop |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2022-27782 |
TLS and SSH connection too eager reuse |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
HIGH |
CVE-2023-27533 |
curl: TELNET option IAC injection |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
HIGH |
CVE-2023-27534 |
curl: SFTP path ~ resolving discrepancy |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
|
HIGH |
CVE-2020-21598 |
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
HIGH |
CVE-2021-36409 |
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
HIGH |
CVE-2022-47655 |
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_q ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
HIGH |
CVE-2022-47664 |
Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qp ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
HIGH |
CVE-2022-47665 |
Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
HIGH |
CVE-2023-25221 |
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vuln ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
HIGH |
CVE-2023-27103 |
Libde265 v1.0.11 was discovered to contain a heap buffer overflow via ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u5 |
HIGH |
CVE-2023-43887 |
Libde265 v1.0.12 was discovered to contain multiple buffer overflows v ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u5 |
HIGH |
CVE-2023-49465 |
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u6 |
HIGH |
CVE-2023-49467 |
Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u6 |
HIGH |
CVE-2023-49468 |
Libde265 v1.0.14 was discovered to contain a global buffer overflow vu ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u6 |
HIGH |
CVE-2022-40674 |
expat: a use-after-free in the doContent function in xmlparse.c |
libexpat1 |
2.2.6-2+deb10u4 |
2.2.6-2+deb10u5 |
HIGH |
CVE-2022-43680 |
expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCre |
libexpat1 |
2.2.6-2+deb10u4 |
2.2.6-2+deb10u6 |
HIGH |
CVE-2023-52425 |
expat: parsing large tokens can trigger a denial of service |
libexpat1 |
2.2.6-2+deb10u4 |
|
HIGH |
CVE-2022-40674 |
expat: a use-after-free in the doContent function in xmlparse.c |
libexpat1-dev |
2.2.6-2+deb10u4 |
2.2.6-2+deb10u5 |
HIGH |
CVE-2022-43680 |
expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCre |
libexpat1-dev |
2.2.6-2+deb10u4 |
2.2.6-2+deb10u6 |
HIGH |
CVE-2023-52425 |
expat: parsing large tokens can trigger a denial of service |
libexpat1-dev |
2.2.6-2+deb10u4 |
|
HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libext2fs2 |
1.44.5-1+deb10u3 |
|
HIGH |
CVE-2022-27405 |
FreeType: Segmentation violation via FNT_Size_Request |
libfreetype6 |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
HIGH |
CVE-2022-27406 |
Freetype: Segmentation violation via FT_Request_Size |
libfreetype6 |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
HIGH |
CVE-2022-27405 |
FreeType: Segmentation violation via FNT_Size_Request |
libfreetype6-dev |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
HIGH |
CVE-2022-27406 |
Freetype: Segmentation violation via FT_Request_Size |
libfreetype6-dev |
2.9.1-3+deb10u2 |
2.9.1-3+deb10u3 |
HIGH |
CVE-2022-25308 |
fribidi: Stack based buffer overflow |
libfribidi0 |
1.0.5-3.1+deb10u1 |
1.0.5-3.1+deb10u2 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libgcc-8-dev |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libgcc-8-dev |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libgcc1 |
1:8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libgcc1 |
1:8.3.0-6 |
|
HIGH |
CVE-2021-33560 |
mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack ag |
libgcrypt20 |
1.8.4-5+deb10u1 |
|
HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-0 |
2.38.1+dfsg-1 |
|
HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-bin |
2.38.1+dfsg-1 |
|
HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-common |
2.38.1+dfsg-1 |
|
HIGH |
CVE-2022-48622 |
gnome: heap memory corruption on gdk-pixbuf |
libgdk-pixbuf2.0-dev |
2.38.1+dfsg-1 |
|
HIGH |
CVE-2023-29499 |
glib: GVariant offset table entry size is not checked in is_normal() |
libglib2.0-0 |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
HIGH |
CVE-2023-29499 |
glib: GVariant offset table entry size is not checked in is_normal() |
libglib2.0-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
HIGH |
CVE-2023-29499 |
glib: GVariant offset table entry size is not checked in is_normal() |
libglib2.0-data |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
HIGH |
CVE-2023-29499 |
glib: GVariant offset table entry size is not checked in is_normal() |
libglib2.0-dev |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
HIGH |
CVE-2023-29499 |
glib: GVariant offset table entry size is not checked in is_normal() |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
HIGH |
CVE-2022-2509 |
gnutls: Double free during gnutls_pkcs7_verify |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
HIGH |
CVE-2023-0361 |
gnutls: timing side-channel in the TLS RSA key exchange code |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u10 |
HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u12 |
HIGH |
CVE-2022-2509 |
gnutls: Double free during gnutls_pkcs7_verify |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
HIGH |
CVE-2023-0361 |
gnutls: timing side-channel in the TLS RSA key exchange code |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u10 |
HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u12 |
HIGH |
CVE-2022-2509 |
gnutls: Double free during gnutls_pkcs7_verify |
libgnutls28-dev |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
HIGH |
CVE-2023-0361 |
gnutls: timing side-channel in the TLS RSA key exchange code |
libgnutls28-dev |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u10 |
HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutls28-dev |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u12 |
HIGH |
CVE-2022-2509 |
gnutls: Double free during gnutls_pkcs7_verify |
libgnutls30 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
HIGH |
CVE-2023-0361 |
gnutls: timing side-channel in the TLS RSA key exchange code |
libgnutls30 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u10 |
HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutls30 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u12 |
HIGH |
CVE-2022-2509 |
gnutls: Double free during gnutls_pkcs7_verify |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
HIGH |
CVE-2023-0361 |
gnutls: timing side-channel in the TLS RSA key exchange code |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u10 |
HIGH |
CVE-2024-0553 |
gnutls: incomplete fix for CVE-2023-5981 |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u12 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libgomp1 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libgomp1 |
8.3.0-6 |
|
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libgssrpc4 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2023-25193 |
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks |
libharfbuzz0b |
2.3.1-1 |
|
HIGH |
CVE-2020-19498 |
Floating point exception in function Fraction in libheif 1.4.0, allows ... |
libheif1 |
1.3.2-2~deb10u1 |
|
HIGH |
CVE-2020-19499 |
An issue was discovered in heif::Box_iref::get_references in libheif 1 ... |
libheif1 |
1.3.2-2~deb10u1 |
|
HIGH |
CVE-2020-23109 |
Buffer overflow vulnerability in function convert_colorspace in heif_c ... |
libheif1 |
1.3.2-2~deb10u1 |
|
HIGH |
CVE-2023-0996 |
There is a vulnerability in the strided image data parsing code in the ... |
libheif1 |
1.3.2-2~deb10u1 |
|
HIGH |
CVE-2019-12290 |
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... |
libidn2-0 |
2.0.5-1+deb10u1 |
|
HIGH |
CVE-2019-12290 |
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... |
libidn2-dev |
2.0.5-1+deb10u1 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libitm1 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libitm1 |
8.3.0-6 |
|
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libk5crypto3 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkdb5-9 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkrb5-3 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkrb5-dev |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2022-42898 |
krb5: integer overflow vulnerabilities in PAC parsing |
libkrb5support0 |
1.17-3+deb10u3 |
1.17-3+deb10u5 |
HIGH |
CVE-2023-2953 |
null pointer dereference in ber_memalloc_x function |
libldap-2.4-2 |
2.4.47+dfsg-3+deb10u7 |
|
HIGH |
CVE-2023-2953 |
null pointer dereference in ber_memalloc_x function |
libldap-common |
2.4.47+dfsg-3+deb10u7 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
liblsan0 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
liblsan0 |
8.3.0-6 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-19667 |
Stack buffer overflow in XPM coder could result in a crash |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-27752 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2020-27766 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2020-29599 |
ImageMagick: Shell injection via PDF password could result in arbitrary code execution |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH |
CVE-2021-20309 |
ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20312 |
ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-20313 |
ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2021-40211 |
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-28463 |
ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32545 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32546 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-32547 |
ImageMagick: load of misaligned address at MagickCore/property.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH |
CVE-2022-48541 |
ImageMagick: memory leak in identify -help |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
HIGH |
CVE-2021-46669 |
mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27376 |
mariadb: assertion failure in Item_args::walk_arg |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27377 |
mariadb: use-after-poison when complex conversion is involved in blob |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27378 |
mariadb: server crash in create_tmp_table::finalize |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27379 |
mariadb: server crash in component arg_comparator::compare_real_fixed |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27380 |
mariadb: server crash at my_decimal::operator= |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27381 |
mariadb: server crash at Field::set_default via specially crafted SQL statements |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27383 |
mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27384 |
mariadb: crash via component Item_subselect::init_expr_cache_tracker |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27386 |
mariadb: server crashes in query_arena::set_query_arena upon SELECT from view |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27387 |
mariadb: assertion failures in decimal_bin_size |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27445 |
mariadb: assertion failure in compare_order_elements |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27447 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27448 |
mariadb: crash in multi-update and implicit grouping |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27449 |
mariadb: assertion failure in sql/item_func.cc |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27452 |
mariadb: assertion failure in sql/item_cmpfunc.cc |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27456 |
mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27458 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32083 |
mariadb: server crash at Item_subselect::init_expr_cache_tracker |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32084 |
mariadb: segmentation fault via the component sub_select |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32085 |
mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32087 |
mariadb: server crash in Item_args::walk_args |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32088 |
mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32091 |
mariadb: server crash in JOIN_CACHE::free or in copy_fields |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2021-46669 |
mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27376 |
mariadb: assertion failure in Item_args::walk_arg |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27377 |
mariadb: use-after-poison when complex conversion is involved in blob |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27378 |
mariadb: server crash in create_tmp_table::finalize |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27379 |
mariadb: server crash in component arg_comparator::compare_real_fixed |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27380 |
mariadb: server crash at my_decimal::operator= |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27381 |
mariadb: server crash at Field::set_default via specially crafted SQL statements |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27383 |
mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27384 |
mariadb: crash via component Item_subselect::init_expr_cache_tracker |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27386 |
mariadb: server crashes in query_arena::set_query_arena upon SELECT from view |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27387 |
mariadb: assertion failures in decimal_bin_size |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27445 |
mariadb: assertion failure in compare_order_elements |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27447 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27448 |
mariadb: crash in multi-update and implicit grouping |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27449 |
mariadb: assertion failure in sql/item_func.cc |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27452 |
mariadb: assertion failure in sql/item_cmpfunc.cc |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27456 |
mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27458 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32083 |
mariadb: server crash at Item_subselect::init_expr_cache_tracker |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32084 |
mariadb: segmentation fault via the component sub_select |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32085 |
mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32087 |
mariadb: server crash in Item_args::walk_args |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32088 |
mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32091 |
mariadb: server crash in JOIN_CACHE::free or in copy_fields |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2021-46669 |
mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27376 |
mariadb: assertion failure in Item_args::walk_arg |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27377 |
mariadb: use-after-poison when complex conversion is involved in blob |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27378 |
mariadb: server crash in create_tmp_table::finalize |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27379 |
mariadb: server crash in component arg_comparator::compare_real_fixed |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27380 |
mariadb: server crash at my_decimal::operator= |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27381 |
mariadb: server crash at Field::set_default via specially crafted SQL statements |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27383 |
mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27384 |
mariadb: crash via component Item_subselect::init_expr_cache_tracker |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27386 |
mariadb: server crashes in query_arena::set_query_arena upon SELECT from view |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27387 |
mariadb: assertion failures in decimal_bin_size |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27445 |
mariadb: assertion failure in compare_order_elements |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27447 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27448 |
mariadb: crash in multi-update and implicit grouping |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27449 |
mariadb: assertion failure in sql/item_func.cc |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27452 |
mariadb: assertion failure in sql/item_cmpfunc.cc |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27456 |
mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27458 |
mariadb: use-after-poison in Binary_string::free_buffer |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32083 |
mariadb: server crash at Item_subselect::init_expr_cache_tracker |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32084 |
mariadb: segmentation fault via the component sub_select |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32085 |
mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32087 |
mariadb: server crash in Item_args::walk_args |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32088 |
mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32091 |
mariadb: server crash in JOIN_CACHE::free or in copy_fields |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libmpx2 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libmpx2 |
8.3.0-6 |
|
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncurses-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libncurses-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libncurses-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncurses6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libncurses6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libncurses6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncursesw6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libncursesw6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libncursesw6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2020-11080 |
overly large SETTINGS frames can lead to DoS |
libnghttp2-14 |
1.36.0-2+deb10u1 |
1.36.0-2+deb10u2 |
HIGH |
CVE-2023-44487 |
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) |
libnghttp2-14 |
1.36.0-2+deb10u1 |
1.36.0-2+deb10u2 |
HIGH |
CVE-2021-20298 |
OpenEXR: Out-of-memory in B44Compressor |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
HIGH |
CVE-2021-20299 |
OpenEXR: Null-dereference READ in Imf_2_5::Header::operator |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
HIGH |
CVE-2021-20298 |
OpenEXR: Out-of-memory in B44Compressor |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
HIGH |
CVE-2021-20299 |
OpenEXR: Null-dereference READ in Imf_2_5::Header::operator |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
HIGH |
CVE-2021-3575 |
openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
HIGH |
CVE-2021-3575 |
openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
HIGH |
CVE-2019-20454 |
pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode |
libpcre2-8-0 |
10.32-5 |
10.32-5+deb10u1 |
HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
libperl5.28 |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
libperl5.28 |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2022-44638 |
pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write |
libpixman-1-0 |
0.36.0-1 |
0.36.0-1+deb10u1 |
HIGH |
CVE-2022-44638 |
pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write |
libpixman-1-dev |
0.36.0-1 |
0.36.0-1+deb10u1 |
HIGH |
CVE-2022-2625 |
postgresql: Extension scripts replace objects not belonging to the extension. |
libpq-dev |
11.16-0+deb10u1 |
11.17-0+deb10u1 |
HIGH |
CVE-2023-2454 |
postgresql: schema_element defeats protective search_path changes |
libpq-dev |
11.16-0+deb10u1 |
11.20-0+deb10u1 |
HIGH |
CVE-2023-39417 |
postgresql: extension script @substitutions@ within quoting allow SQL injection |
libpq-dev |
11.16-0+deb10u1 |
11.21-0+deb10u2 |
HIGH |
CVE-2023-5869 |
postgresql: Buffer overrun from integer overflow in array modification |
libpq-dev |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
HIGH |
CVE-2024-0985 |
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL |
libpq-dev |
11.16-0+deb10u1 |
|
HIGH |
CVE-2022-2625 |
postgresql: Extension scripts replace objects not belonging to the extension. |
libpq5 |
11.16-0+deb10u1 |
11.17-0+deb10u1 |
HIGH |
CVE-2023-2454 |
postgresql: schema_element defeats protective search_path changes |
libpq5 |
11.16-0+deb10u1 |
11.20-0+deb10u1 |
HIGH |
CVE-2023-39417 |
postgresql: extension script @substitutions@ within quoting allow SQL injection |
libpq5 |
11.16-0+deb10u1 |
11.21-0+deb10u2 |
HIGH |
CVE-2023-5869 |
postgresql: Buffer overrun from integer overflow in array modification |
libpq5 |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
HIGH |
CVE-2024-0985 |
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL |
libpq5 |
11.16-0+deb10u1 |
|
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2019-20907 |
python: infinite loop in the tarfile module via crafted TAR archive |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
HIGH |
CVE-2020-26116 |
python: CRLF injection via HTTP request method in httplib/http.client |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2019-20907 |
python: infinite loop in the tarfile module via crafted TAR archive |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
HIGH |
CVE-2020-26116 |
python: CRLF injection via HTTP request method in httplib/http.client |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libquadmath0 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libquadmath0 |
8.3.0-6 |
|
HIGH |
CVE-2019-19603 |
sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2020-35525 |
sqlite: Null pointer derreference in src/select.c |
libsqlite3-0 |
3.27.2-3+deb10u1 |
3.27.2-3+deb10u2 |
HIGH |
CVE-2021-31239 |
sqlite: denial of service via the appendvfs.c function |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2023-7104 |
sqlite: heap-buffer-overflow at sessionfuzz |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2019-19603 |
sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2020-35525 |
sqlite: Null pointer derreference in src/select.c |
libsqlite3-dev |
3.27.2-3+deb10u1 |
3.27.2-3+deb10u2 |
HIGH |
CVE-2021-31239 |
sqlite: denial of service via the appendvfs.c function |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2023-7104 |
sqlite: heap-buffer-overflow at sessionfuzz |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libss2 |
1.44.5-1+deb10u3 |
|
HIGH |
CVE-2019-13115 |
libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c l |
libssh2-1 |
1.8.0-2.1 |
1.8.0-2.1+deb10u1 |
HIGH |
CVE-2019-17498 |
libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c |
libssh2-1 |
1.8.0-2.1 |
1.8.0-2.1+deb10u1 |
HIGH |
CVE-2020-22218 |
libssh2: use-of-uninitialized-value in _libssh2_transport_read |
libssh2-1 |
1.8.0-2.1 |
1.8.0-2.1+deb10u1 |
HIGH |
CVE-2022-4450 |
openssl: double free after calling PEM_read_bio_ex |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0215 |
openssl: use-after-free following BIO_new_NDEF |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0286 |
openssl: X.400 address type confusion in X.509 GeneralName |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0464 |
openssl: Denial of service by excessive resource usage in verifying X509 policy constraints |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
HIGH |
CVE-2022-4450 |
openssl: double free after calling PEM_read_bio_ex |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0215 |
openssl: use-after-free following BIO_new_NDEF |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0286 |
openssl: X.400 address type confusion in X.509 GeneralName |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0464 |
openssl: Denial of service by excessive resource usage in verifying X509 policy constraints |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libstdc++-8-dev |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libstdc++-8-dev |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libstdc++6 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libstdc++6 |
8.3.0-6 |
|
HIGH |
CVE-2019-3843 |
systemd: services with DynamicUser can create SUID/SGID binaries |
libsystemd0 |
241-7~deb10u8 |
|
HIGH |
CVE-2019-3844 |
systemd: services with DynamicUser can get new privileges and create SGID binaries |
libsystemd0 |
241-7~deb10u8 |
|
HIGH |
CVE-2023-26604 |
systemd: privilege escalation via the less pager |
libsystemd0 |
241-7~deb10u8 |
241-7~deb10u9 |
HIGH |
CVE-2023-50387 |
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator |
libsystemd0 |
241-7~deb10u8 |
|
HIGH |
CVE-2023-50868 |
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources |
libsystemd0 |
241-7~deb10u8 |
|
HIGH |
CVE-2022-3970 |
libtiff: integer overflow in function TIFFReadRGBATileExt of the file |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
HIGH |
CVE-2023-25434 |
libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2022-3970 |
libtiff: integer overflow in function TIFFReadRGBATileExt of the file |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
HIGH |
CVE-2023-25434 |
libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2022-3970 |
libtiff: integer overflow in function TIFFReadRGBATileExt of the file |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
HIGH |
CVE-2023-25434 |
libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
HIGH |
CVE-2023-52355 |
libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2023-52356 |
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libtinfo6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
libtinfo6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
libtinfo6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libtsan0 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libtsan0 |
8.3.0-6 |
|
HIGH |
CVE-2018-12886 |
gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot |
libubsan1 |
8.3.0-6 |
|
HIGH |
CVE-2019-15847 |
gcc: POWER9 "DARN" RNG intrinsic produces repeated output |
libubsan1 |
8.3.0-6 |
|
HIGH |
CVE-2019-3843 |
systemd: services with DynamicUser can create SUID/SGID binaries |
libudev1 |
241-7~deb10u8 |
|
HIGH |
CVE-2019-3844 |
systemd: services with DynamicUser can get new privileges and create SGID binaries |
libudev1 |
241-7~deb10u8 |
|
HIGH |
CVE-2023-26604 |
systemd: privilege escalation via the less pager |
libudev1 |
241-7~deb10u8 |
241-7~deb10u9 |
HIGH |
CVE-2023-50387 |
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator |
libudev1 |
241-7~deb10u8 |
|
HIGH |
CVE-2023-50868 |
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources |
libudev1 |
241-7~deb10u8 |
|
HIGH |
CVE-2022-3204 |
unbound: NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation A |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u3 |
HIGH |
CVE-2023-50387 |
bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u4 |
HIGH |
CVE-2023-50868 |
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u4 |
HIGH |
CVE-2023-1999 |
Mozilla: libwebp: Double-free in libwebp |
libwebp-dev |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u2 |
HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebp-dev |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u3 |
HIGH |
CVE-2023-1999 |
Mozilla: libwebp: Double-free in libwebp |
libwebp6 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u2 |
HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebp6 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u3 |
HIGH |
CVE-2023-1999 |
Mozilla: libwebp: Double-free in libwebp |
libwebpdemux2 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u2 |
HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebpdemux2 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u3 |
HIGH |
CVE-2023-1999 |
Mozilla: libwebp: Double-free in libwebp |
libwebpmux3 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u2 |
HIGH |
CVE-2023-4863 |
libwebp: Heap buffer overflow in WebP Codec |
libwebpmux3 |
0.6.1-2+deb10u1 |
0.6.1-2+deb10u3 |
HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-6 |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u3 |
HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-6 |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-data |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u3 |
HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-data |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
HIGH |
CVE-2023-3138 |
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension reques |
libx11-dev |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u3 |
HIGH |
CVE-2023-43787 |
libX11: integer overflow in XCreateImage() leading to a heap overflow |
libx11-dev |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
HIGH |
CVE-2017-16932 |
libxml2: Infinite recursion in parameter entities |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2022-2309 |
lxml: NULL Pointer Dereference in lxml |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2022-40303 |
libxml2: integer overflows with XML_PARSE_HUGE |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u5 |
HIGH |
CVE-2022-40304 |
libxml2: dict corruption caused by entity reference cycles |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u5 |
HIGH |
CVE-2024-25062 |
libxml2: use-after-free in XMLReader |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2017-16932 |
libxml2: Infinite recursion in parameter entities |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2022-2309 |
lxml: NULL Pointer Dereference in lxml |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2022-40303 |
libxml2: integer overflows with XML_PARSE_HUGE |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u5 |
HIGH |
CVE-2022-40304 |
libxml2: dict corruption caused by entity reference cycles |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u5 |
HIGH |
CVE-2024-25062 |
libxml2: use-after-free in XMLReader |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
HIGH |
CVE-2019-5815 |
chromium-browser: Heap buffer overflow in Blink |
libxslt1-dev |
1.1.32-2.2~deb10u1 |
1.1.32-2.2~deb10u2 |
HIGH |
CVE-2021-30560 |
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... |
libxslt1-dev |
1.1.32-2.2~deb10u1 |
1.1.32-2.2~deb10u2 |
HIGH |
CVE-2019-5815 |
chromium-browser: Heap buffer overflow in Blink |
libxslt1.1 |
1.1.32-2.2~deb10u1 |
1.1.32-2.2~deb10u2 |
HIGH |
CVE-2021-30560 |
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... |
libxslt1.1 |
1.1.32-2.2~deb10u1 |
1.1.32-2.2~deb10u2 |
HIGH |
CVE-2013-7445 |
kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2019-19449 |
kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_ |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2019-19814 |
kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2020-12362 |
Integer overflow in Intel(R) Graphics Drivers |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2020-36385 |
kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-33631 |
kernel: ext4: kernel bug in ext4_write_inline_data_end() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2021-3493 |
kernel: overlayfs file system caps privilege escalation |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-38207 |
kernel: buffer overflow in drivers/net/ethernet/xilinx/ll_temac_main.c by sending heavy network traf |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-3847 |
low-privileged user privileges escalation |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-3864 |
descendant's dumpable setting with certain SUID binaries |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-4037 |
kernel: security regression for CVE-2018-13405 |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-4197 |
kernel: cgroup: Use open-time creds and namespace for migration perm checks |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1011 |
kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1012 |
Small table perturb size in the TCP source port generation algorithm can lead to information leak |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1048 |
kernel: race condition in snd_pcm_hw_free leading to use-after-free |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1199 |
Null pointer dereference and use after free in ax25_release() |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1353 |
kernel info leak issue in pfkey_register |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1419 |
kernel: a concurrency use-after-free in vgem_gem_dumb_create |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1652 |
kernel: A concurrency use-after-free in floppy disk device driver. |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1679 |
kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-1729 |
kernel: race condition in perf_event_open leads to privilege escalation |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-1734 |
kernel: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from u |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-20368 |
kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-20421 |
kernel: use after free in binder_inc_ref_for_node in drivers/android/binder.c due |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-20422 |
In emulation_proc_handler of armv8_deprecated.c, there is a possible w ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-20566 |
kernel: possible use after free due to improper locking in l2cap_chan_put of l2cap_core |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-2586 |
kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-2588 |
a use-after-free in cls_route filter implementation may lead to privilege escalation |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-26365 |
Linux disk/nic frontends data leaks T[his CNA information record relat ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-2639 |
kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-26490 |
kernel: potential buffer overflows in EVT_TRANSACTION in st21nfca |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-27666 |
kernel: buffer overflow in IPsec ESP transformation code |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-28390 |
kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-29581 |
kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-2977 |
kernel: use-after-free Read in put_device (/dev/vtpmx) |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-2978 |
kernel: use-after-free in nilfs_mdt_destroy |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-3028 |
kernel: race condition in xfrm_probe_algs can lead to OOB read/write |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-30594 |
kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-3176 |
kernel: use-after-free in io_uring for POLLFREE notification with Signalfd_poll() and binder_poll() |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-3202 |
Kernel: jfs: Null Pointer Deference in jfs_evict_inode leads to Denial of Service |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-32250 |
kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
HIGH |
CVE-2022-3239 |
kernel: media: em28xx: initialize refcount before kref_get |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-33740 |
Linux disk/nic frontends data leaks T[his CNA information record relat ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-33741 |
Linux disk/nic frontends data leaks T[his CNA information record relat ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-33742 |
Linux disk/nic frontends data leaks T[his CNA information record relat ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-3424 |
kernel: Use after Free in gru_set_context_option leading to kernel panic |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2022-3545 |
kernel: nfp: use-after-free in area_cache_get() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2022-3564 |
kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-3565 |
kernel: use-after-free in l1oip timer handlers |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-3566 |
kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-3635 |
kernel: use after in tst_timer in drivers/atm/idt77252.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-3640 |
kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-3649 |
kernel: nilfs2: use-after-free in nilfs_new_inode of fs/nilfs2/inode.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-36946 |
kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-39189 |
kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfuncti |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-4095 |
kernel: Use-after-Free/Double-Free bug in read_bbreg_hdl in drivers/staging/rtl8712/rtl8712_cmd.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
HIGH |
CVE-2022-41858 |
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2022-42896 |
kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-4378 |
stack overflow in do_proc_dointvec and proc_skip_spaces |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2022-43945 |
kernel: nfsd buffer overflow by RPC message over TCP with garbage data |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-45934 |
kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2022-4744 |
kernel: tun: avoid double free in tun_free_netdev |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2022-47518 |
a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-47519 |
an out-of-bounds write in drivers/net/wireless/microchip/wilc1000/cfg80211.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-47520 |
an out-of-bounds read in drivers/net/wireless/microchip/wilc1000/hif.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2022-47521 |
a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-0030 |
kernel: Use after Free in nvkm_vmm_pfn_map |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-0045 |
kernel: Bypassing Spectre-BTI User Space Mitigations |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-0266 |
Move rwsem lock inside snd_ctl_elem_read to prevent UAF |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-0386 |
kernel: FUSE filesystem low-privileged user privileges escalation |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-0461 |
kernel: net/ulp: use-after-free in listening ULP sockets |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1077 |
kernel: Type confusion in pick_next_rt_entity() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-1078 |
Heap OOB Write in rds_rm_zerocopy_callback() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1118 |
kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1281 |
kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1380 |
Kernel: a USB-accessible slab-out-of-bounds read in brcmfmac |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-1670 |
use after free bug in xirc2ps_detach |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1829 |
kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-1838 |
kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2023-1989 |
kernel: Use after free bug in btsdio_remove due to race condition |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-2007 |
DPT I2O controller TOCTOU information disclosure vulnerability |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-20938 |
In binder_transaction_buffer_release of binder.c, there is a possible ... |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-2124 |
kernel: OOB access in the Linux kernel's XFS subsystem |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-21255 |
In multiple functions of binder.c, there is a possible memory corrupti ... |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-23559 |
kernel: Integer overflow in function rndis_query_oid of rndis_wlan.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-28466 |
kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer derefere |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-3090 |
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-3111 |
Use after free in prepare_to_relocate in fs/btrfs/relocation.c |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-3141 |
kernel: Use after free bug in r592_remove |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-31436 |
kernel: out-of-bounds write in qfq_change_class function |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-32233 |
kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-3268 |
kernel: out-of-bounds access in relay_file_read |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-3390 |
kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-34319 |
buffer overrun in netback due to unusual packet (XSA-432) |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-35001 |
kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-3567 |
kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
HIGH |
CVE-2023-35788 |
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-35823 |
kernel: saa7134: race condition leading to use-after-free in saa7134_finidev() |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-35824 |
kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c() |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-35827 |
race condition leading to use-after-free in ravb_remove() |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-35828 |
race condition leading to use-after-free in renesas_usb3_remove() |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2023-3609 |
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-3611 |
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqu |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-3640 |
Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-3776 |
kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev functi |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-3812 |
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
HIGH |
CVE-2023-39197 |
kernel: DCCP: conntrack out-of-bounds read in nf_conntrack_dccp_packet() |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-40283 |
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4206 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4207 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4208 |
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4244 |
kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-42753 |
kernel: netfilter: potential slab-out-of-bound access due to integer underflow |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4387 |
kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
HIGH |
CVE-2023-45871 |
kernel: IGB driver inadequate buffer size for frames larger than MTU |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4622 |
kernel: use after free in unix_stream_sendpage |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-4623 |
kernel: net/sched: sch_hfsc UAF |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-46838 |
Transmit requests in Xen's virtual network protocol can consist of mul ... |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-4921 |
kernel: use-after-free in sch_qfq network scheduler |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-51042 |
kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-51043 |
kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unlo |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-51779 |
kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-51780 |
kernel: use-after-free in net/atm/ioctl.c |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-51781 |
kernel: use-after-free in net/appletalk/ddp.c |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-51782 |
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl i ... |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-52439 |
kernel: uio: Fix use-after-free in uio_open |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-52449 |
kernel: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-52464 |
kernel: EDAC/thunderx: Fix possible out-of-bounds string access |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-5717 |
kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is small |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-6040 |
kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable() |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-6270 |
kernel: AoE: improper reference count leads to use-after-free vulnerability |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-6356 |
kernel: NULL pointer dereference in nvmet_tcp_build_iovec |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-6535 |
kernel: NULL pointer dereference in nvmet_tcp_execute_request |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-6536 |
kernel: NULL pointer dereference in __nvmet_req_complete |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2023-6606 |
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-6931 |
kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2023-6932 |
kernel: use-after-free in IPv4 IGMP |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
HIGH |
CVE-2024-0565 |
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2024-0775 |
kernel: use-after-free while changing the mount option in __ext4_remount leading |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
HIGH |
CVE-2024-1086 |
kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2024-21803 |
kernel: bluetooth: use-after-free vulnerability in af_bluetooth.c |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2024-23307 |
Integer Overflow or Wraparound vulnerability in Linux Linux kernel ker ... |
linux-libc-dev |
4.19.235-1 |
|
HIGH |
CVE-2021-46669 |
mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27376 |
mariadb: assertion failure in Item_args::walk_arg |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27377 |
mariadb: use-after-poison when complex conversion is involved in blob |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27378 |
mariadb: server crash in create_tmp_table::finalize |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27379 |
mariadb: server crash in component arg_comparator::compare_real_fixed |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27380 |
mariadb: server crash at my_decimal::operator= |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27381 |
mariadb: server crash at Field::set_default via specially crafted SQL statements |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27383 |
mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27384 |
mariadb: crash via component Item_subselect::init_expr_cache_tracker |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27386 |
mariadb: server crashes in query_arena::set_query_arena upon SELECT from view |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27387 |
mariadb: assertion failures in decimal_bin_size |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27445 |
mariadb: assertion failure in compare_order_elements |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27447 |
mariadb: use-after-poison in Binary_string::free_buffer |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27448 |
mariadb: crash in multi-update and implicit grouping |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27449 |
mariadb: assertion failure in sql/item_func.cc |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27452 |
mariadb: assertion failure in sql/item_cmpfunc.cc |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27456 |
mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-27458 |
mariadb: use-after-poison in Binary_string::free_buffer |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32083 |
mariadb: server crash at Item_subselect::init_expr_cache_tracker |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32084 |
mariadb: segmentation fault via the component sub_select |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32085 |
mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32087 |
mariadb: server crash in Item_args::walk_args |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32088 |
mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2022-32091 |
mariadb: server crash in JOIN_CACHE::free or in copy_fields |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
ncurses-base |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
ncurses-base |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
ncurses-base |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
ncurses-bin |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2022-29458 |
segfaulting OOB read |
ncurses-bin |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u3 |
HIGH |
CVE-2023-29491 |
ncurses: Local users can trigger security-relevant memory corruption via malformed data |
ncurses-bin |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u5 |
HIGH |
CVE-2021-41617 |
privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured |
openssh-client |
1:7.9p1-10+deb10u2 |
1:7.9p1-10+deb10u4 |
HIGH |
CVE-2023-51767 |
openssh: authentication bypass via row hammer attack |
openssh-client |
1:7.9p1-10+deb10u2 |
|
HIGH |
CVE-2022-4450 |
openssl: double free after calling PEM_read_bio_ex |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0215 |
openssl: use-after-free following BIO_new_NDEF |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0286 |
openssl: X.400 address type confusion in X.509 GeneralName |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
HIGH |
CVE-2023-0464 |
openssl: Denial of service by excessive resource usage in verifying X509 policy constraints |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl-base |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl-base |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl-modules-5.28 |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2023-31484 |
perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS |
perl-modules-5.28 |
5.28.1-6+deb10u1 |
|
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2019-20907 |
python: infinite loop in the tarfile module via crafted TAR archive |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
python2.7 |
2.7.16-2+deb10u1 |
|
HIGH |
CVE-2020-26116 |
python: CRLF injection via HTTP request method in httplib/http.client |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2019-20907 |
python: infinite loop in the tarfile module via crafted TAR archive |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
HIGH |
CVE-2020-26116 |
python: CRLF injection via HTTP request method in httplib/http.client |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
python3.7 |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python3.7 |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2015-20107 |
python: mailcap: findmatch() function does not sanitize the second argument |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2020-10735 |
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int lea |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2021-3737 |
HTTP client possible infinite loop on a 100 Continue response |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-0391 |
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2022-45061 |
python: CPU denial of service via inefficient IDNA decoder |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
HIGH |
CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
HIGH |
CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
HIGH |
CVE-2022-25881 |
http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability |
http-cache-semantics |
4.1.0 |
4.1.1 |
HIGH |
CVE-2022-29244 |
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a worksp |
npm |
8.5.5 |
8.11.0 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
cpp-8 |
8.3.0-6 |
|
MEDIUM |
CVE-2021-22947 |
Server responses received before STARTTLS processed after TLS handshake |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32206 |
HTTP compression denial of service |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32208 |
FTP-KRB bad message verification |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-43552 |
curl: Use-after-free triggered by an HTTP proxy deny response |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2023-23916 |
curl: HTTP multi-header compression denial of service |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u5 |
MEDIUM |
CVE-2023-27535 |
curl: FTP too eager connection reuse |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27536 |
curl: GSS delegation too eager connection re-use |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27538 |
curl: SSH connection too eager reuse still |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-28321 |
curl: IDN wildcard match may lead to Improper Cerificate Validation |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
dirmngr |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
g++-8 |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
gcc-8 |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
gcc-8-base |
8.3.0-6 |
|
MEDIUM |
CVE-2019-20446 |
librsvg: Resource exhaustion via crafted SVG file with nested patterns |
gir1.2-rsvg-2.0 |
2.44.10-2.1 |
2.44.10-2.1+deb10u1 |
MEDIUM |
CVE-2022-39253 |
git: exposure of sensitive information to a malicious actor |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
MEDIUM |
CVE-2023-22490 |
git: data exfiltration with maliciously crafted repository |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u8 |
MEDIUM |
CVE-2022-39253 |
git: exposure of sensitive information to a malicious actor |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u5 |
MEDIUM |
CVE-2023-22490 |
git: data exfiltration with maliciously crafted repository |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u8 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gnupg |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gnupg-l10n |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gnupg-utils |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpg |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpg-agent |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpg-wks-client |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpg-wks-server |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpgconf |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpgsm |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2022-34903 |
Signature spoofing via status line injection |
gpgv |
2.2.12-1+deb10u1 |
2.2.12-1+deb10u2 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2019-20795 |
iproute: use-after-free in get_netnsid_from_name in ip/ipnetns.c |
iproute2 |
4.20.0-2+deb10u1 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
krb5-multidev |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
krb5-multidev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
krb5-multidev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
krb5-multidev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2022-25147 |
apr-util: out-of-bounds writes in the apr_base64 |
libaprutil1 |
1.6.1-4 |
1.6.1-4+deb10u1 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libasan5 |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libatomic1 |
8.3.0-6 |
|
MEDIUM |
CVE-2016-10228 |
glibc: iconv program can hang when invoked with the -c option |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2019-25013 |
glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-10029 |
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-27618 |
glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc-bin |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2023-4813 |
glibc: potential use-after-free in gaih_inet() |
libc-bin |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2016-10228 |
glibc: iconv program can hang when invoked with the -c option |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2019-25013 |
glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-10029 |
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-27618 |
glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc-dev-bin |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2023-4813 |
glibc: potential use-after-free in gaih_inet() |
libc-dev-bin |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2016-10228 |
glibc: iconv program can hang when invoked with the -c option |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2019-25013 |
glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-10029 |
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-27618 |
glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc6 |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2023-4813 |
glibc: potential use-after-free in gaih_inet() |
libc6 |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2016-10228 |
glibc: iconv program can hang when invoked with the -c option |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2019-25013 |
glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-10029 |
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2020-27618 |
glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
MEDIUM |
CVE-2023-4806 |
glibc: potential use-after-free in getaddrinfo() |
libc6-dev |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2023-4813 |
glibc: potential use-after-free in gaih_inet() |
libc6-dev |
2.28-10+deb10u1 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libcc1-0 |
8.3.0-6 |
|
MEDIUM |
CVE-2021-22947 |
Server responses received before STARTTLS processed after TLS handshake |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32206 |
HTTP compression denial of service |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32208 |
FTP-KRB bad message verification |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-43552 |
curl: Use-after-free triggered by an HTTP proxy deny response |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2023-23916 |
curl: HTTP multi-header compression denial of service |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u5 |
MEDIUM |
CVE-2023-27535 |
curl: FTP too eager connection reuse |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27536 |
curl: GSS delegation too eager connection re-use |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27538 |
curl: SSH connection too eager reuse still |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-28321 |
curl: IDN wildcard match may lead to Improper Cerificate Validation |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
MEDIUM |
CVE-2021-22947 |
Server responses received before STARTTLS processed after TLS handshake |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32206 |
HTTP compression denial of service |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32208 |
FTP-KRB bad message verification |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-43552 |
curl: Use-after-free triggered by an HTTP proxy deny response |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2023-23916 |
curl: HTTP multi-header compression denial of service |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u5 |
MEDIUM |
CVE-2023-27535 |
curl: FTP too eager connection reuse |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27536 |
curl: GSS delegation too eager connection re-use |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27538 |
curl: SSH connection too eager reuse still |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-28321 |
curl: IDN wildcard match may lead to Improper Cerificate Validation |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
MEDIUM |
CVE-2021-22947 |
Server responses received before STARTTLS processed after TLS handshake |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32206 |
HTTP compression denial of service |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-32208 |
FTP-KRB bad message verification |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
MEDIUM |
CVE-2022-43552 |
curl: Use-after-free triggered by an HTTP proxy deny response |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
MEDIUM |
CVE-2023-23916 |
curl: HTTP multi-header compression denial of service |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u5 |
MEDIUM |
CVE-2023-27535 |
curl: FTP too eager connection reuse |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27536 |
curl: GSS delegation too eager connection re-use |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-27538 |
curl: SSH connection too eager reuse still |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u6 |
MEDIUM |
CVE-2023-28321 |
curl: IDN wildcard match may lead to Improper Cerificate Validation |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
MEDIUM |
CVE-2023-46218 |
curl: information disclosure by exploiting a mixed case flaw |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
MEDIUM |
CVE-2020-21595 |
libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21596 |
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_ ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2020-21597 |
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma funct ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2020-21599 |
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::av ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21600 |
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21601 |
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallb ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21602 |
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21603 |
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fa ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21604 |
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21605 |
libde265 v1.0.4 contains a segmentation fault in the apply_sao_interna ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2020-21606 |
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_ ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2021-35452 |
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 du ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2021-36408 |
An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-f ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2021-36410 |
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion. ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2021-36411 |
An issue has been found in libde265 v1.0.8 due to incorrect access con ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u1 |
MEDIUM |
CVE-2022-43235 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43236 |
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43237 |
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43238 |
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43239 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43240 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43241 |
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43242 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43243 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43244 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43245 |
Libde265 v1.0.8 was discovered to contain a segmentation violation via ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43248 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43249 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43250 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43252 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2022-43253 |
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... |
libde265-0 |
1.0.3-1+b1 |
1.0.3-1+deb10u3 |
MEDIUM |
CVE-2023-24751 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24752 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24754 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24755 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24756 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24757 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-24758 |
libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u4 |
MEDIUM |
CVE-2023-27102 |
Libde265 v1.0.11 was discovered to contain a segmentation violation vi ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u5 |
MEDIUM |
CVE-2023-47471 |
Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a ... |
libde265-0 |
1.0.3-1+b1 |
1.0.11-0+deb10u5 |
MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre-dev |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre-dev |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre-text |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre-text |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2021-46310 |
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
libdjvulibre21 |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2021-46312 |
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
libdjvulibre21 |
3.5.27.1-10+deb10u1 |
|
MEDIUM |
CVE-2020-21047 |
The libcpu component which is used by libasm of elfutils version 0.177 ... |
libelf1 |
0.176-1.1 |
0.176-1.1+deb10u1 |
MEDIUM |
CVE-2023-52426 |
expat: recursive XML entity expansion vulnerability |
libexpat1 |
2.2.6-2+deb10u4 |
|
MEDIUM |
CVE-2023-52426 |
expat: recursive XML entity expansion vulnerability |
libexpat1-dev |
2.2.6-2+deb10u4 |
|
MEDIUM |
CVE-2022-25309 |
fribidi: Heap-buffer-overflow in fribidi_cap_rtl_to_unicode |
libfribidi0 |
1.0.5-3.1+deb10u1 |
1.0.5-3.1+deb10u2 |
MEDIUM |
CVE-2022-25310 |
fribidi: SEGV in fribidi_remove_bidi_marks |
libfribidi0 |
1.0.5-3.1+deb10u1 |
1.0.5-3.1+deb10u2 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgcc-8-dev |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgcc1 |
1:8.3.0-6 |
|
MEDIUM |
CVE-2019-13627 |
ECDSA timing attack allowing private key leak |
libgcrypt20 |
1.8.4-5+deb10u1 |
|
MEDIUM |
CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
libglib2.0-0 |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u4 |
MEDIUM |
CVE-2023-32611 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs |
libglib2.0-0 |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2023-32665 |
glib: GVariant deserialisation does not match spec for non-normal data |
libglib2.0-0 |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
libglib2.0-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u4 |
MEDIUM |
CVE-2023-32611 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs |
libglib2.0-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2023-32665 |
glib: GVariant deserialisation does not match spec for non-normal data |
libglib2.0-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
libglib2.0-data |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u4 |
MEDIUM |
CVE-2023-32611 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs |
libglib2.0-data |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2023-32665 |
glib: GVariant deserialisation does not match spec for non-normal data |
libglib2.0-data |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
libglib2.0-dev |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u4 |
MEDIUM |
CVE-2023-32611 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs |
libglib2.0-dev |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2023-32665 |
glib: GVariant deserialisation does not match spec for non-normal data |
libglib2.0-dev |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2021-3800 |
glib2: Possible privilege escalation thourgh pkexec and aliases |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u4 |
MEDIUM |
CVE-2023-32611 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2023-32665 |
glib: GVariant deserialisation does not match spec for non-normal data |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
2.58.3-2+deb10u5 |
MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u11 |
MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u11 |
MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutls28-dev |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutls28-dev |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u11 |
MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutls30 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutls30 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u11 |
MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u9 |
MEDIUM |
CVE-2023-5981 |
gnutls: timing side-channel in the RSA-PSK authentication |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
3.6.7-4+deb10u11 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libgomp1 |
8.3.0-6 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libgssrpc4 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libgssrpc4 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssrpc4 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libgssrpc4 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2022-33068 |
harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc |
libharfbuzz0b |
2.3.1-1 |
|
MEDIUM |
CVE-2023-29659 |
A Segmentation fault caused by a floating point exception exists in li ... |
libheif1 |
1.3.2-2~deb10u1 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libitm1 |
8.3.0-6 |
|
MEDIUM |
CVE-2020-35538 |
libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function |
libjpeg-dev |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2021-46822 |
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c |
libjpeg-dev |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2020-35538 |
libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function |
libjpeg62-turbo |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2021-46822 |
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c |
libjpeg62-turbo |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2020-35538 |
libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function |
libjpeg62-turbo-dev |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2021-46822 |
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c |
libjpeg62-turbo-dev |
1:1.5.2-2+deb10u1 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libk5crypto3 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libk5crypto3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libk5crypto3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libk5crypto3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkdb5-9 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkdb5-9 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkdb5-9 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkdb5-9 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5-3 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5-3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-3 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5-dev |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5-dev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-dev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5-dev |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-36054 |
krb5: Denial of service through freeing uninitialized pointer |
libkrb5support0 |
1.17-3+deb10u3 |
1.17-3+deb10u6 |
MEDIUM |
CVE-2024-26458 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... |
libkrb5support0 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26461 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5support0 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2024-26462 |
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... |
libkrb5support0 |
1.17-3+deb10u3 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
liblsan0 |
8.3.0-6 |
|
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2020-25664 |
ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2020-25665 |
ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25674 |
ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-25676 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27750 |
ImageMagick: division by zero in MagickCore/colorspace-private.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27756 |
ImageMagick: division by zero at MagickCore/geometry.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27760 |
ImageMagick: division by zero at MagickCore/enhance.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27762 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2020-27770 |
ImageMagick: unsigned offset overflowed at MagickCore/string.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20176 |
ImageMagick: processing crafted file leads to division by zero |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20224 |
ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2021-20241 |
ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20243 |
ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20244 |
ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20245 |
ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-20246 |
ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM |
CVE-2021-3596 |
ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-3213 |
ImageMagick: heap buffer overflow while processing a malformed TIFF file |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2022-44267 |
Denial of Service when it parses a PNG image |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2022-44268 |
vulnerable to Information Disclosure when it parses a PNG image |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM |
CVE-2023-1289 |
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-2157 |
heap overflow vulnerability |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-3195 |
stack overflow in coders/tiff.c while parsing malicious tiff file |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
MEDIUM |
CVE-2023-34151 |
Undefined behaviors of casting double to size_t in svg, mvg and other coders |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2023-5341 |
ImageMagick: Heap use-after-free in coders/bmp.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u6 |
MEDIUM |
CVE-2022-21427 |
mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-38791 |
mariadb: compress_write() fails to release mutex on failure |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-47015 |
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u1 |
MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u2 |
MEDIUM |
CVE-2022-21427 |
mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-38791 |
mariadb: compress_write() fails to release mutex on failure |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-47015 |
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u1 |
MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u2 |
MEDIUM |
CVE-2022-21427 |
mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-38791 |
mariadb: compress_write() fails to release mutex on failure |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-47015 |
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u1 |
MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u2 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libmpx2 |
8.3.0-6 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libncurses-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses-dev |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libncurses6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncurses6 |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libncursesw6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libncursesw6 |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-16587 |
OpenEXR: A heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp coul |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2020-16588 |
OpenEXR: A Null Pointer Deference in generatePreview in makePreview.cpp could result in a DOS via a |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2020-16589 |
OpenEXR: A heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp could result in a D |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20296 |
OpenEXR: Segv on unknown address in Imf_2_5::hufUncompress - Null Pointer dereference |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20300 |
OpenEXR: Integer-overflow in Imf_2_5::hufUncompress |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20302 |
OpenEXR: Floating-point-exception in Imf_2_5::precalculateTileInfot |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20303 |
OpenEXR: Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-23215 |
initializeBuffers |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-26260 |
initializeBuffers |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3474 |
OpenEXR: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3475 |
OpenEXR: Integer-overflow in Imf_2_5::calculateNumTiles |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3476 |
OpenEXR: Undefined-shift in Imf_2_5::unpack14 |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3477 |
OpenEXR: Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3478 |
OpenEXR: Out-of-memory in ScanLineInputFile |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3479 |
OpenEXR: Out-of-memory caused by allocation of a very large buffer |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3598 |
readChars |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3605 |
Heap buffer overflow in the rleUncompress function |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3933 |
openexr: Integer-overflow in Imf_3_1::bytesPerDeepLineTable |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3941 |
openexr: Divide-by-zero in Imf_3_1::RGBtoXYZ |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-45942 |
execute |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2020-16587 |
OpenEXR: A heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp coul |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2020-16588 |
OpenEXR: A Null Pointer Deference in generatePreview in makePreview.cpp could result in a DOS via a |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2020-16589 |
OpenEXR: A heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp could result in a D |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20296 |
OpenEXR: Segv on unknown address in Imf_2_5::hufUncompress - Null Pointer dereference |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20300 |
OpenEXR: Integer-overflow in Imf_2_5::hufUncompress |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20302 |
OpenEXR: Floating-point-exception in Imf_2_5::precalculateTileInfot |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-20303 |
OpenEXR: Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-23215 |
initializeBuffers |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-26260 |
initializeBuffers |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3474 |
OpenEXR: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3475 |
OpenEXR: Integer-overflow in Imf_2_5::calculateNumTiles |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3476 |
OpenEXR: Undefined-shift in Imf_2_5::unpack14 |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3477 |
OpenEXR: Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3478 |
OpenEXR: Out-of-memory in ScanLineInputFile |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3479 |
OpenEXR: Out-of-memory caused by allocation of a very large buffer |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3598 |
readChars |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3605 |
Heap buffer overflow in the rleUncompress function |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3933 |
openexr: Integer-overflow in Imf_3_1::bytesPerDeepLineTable |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-3941 |
openexr: Divide-by-zero in Imf_3_1::RGBtoXYZ |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2021-45942 |
execute |
libopenexr23 |
2.2.1-4.1+deb10u1 |
2.2.1-4.1+deb10u2 |
MEDIUM |
CVE-2019-12973 |
openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2021-29338 |
openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2022-1122 |
openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2019-12973 |
openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2021-29338 |
openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2022-1122 |
openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-modules |
1.3.1-5 |
|
MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-modules-bin |
1.3.1-5 |
|
MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam-runtime |
1.3.1-5 |
|
MEDIUM |
CVE-2024-22365 |
pam: allowing unpriledged user to block another user namespace |
libpam0g |
1.3.1-5 |
|
MEDIUM |
CVE-2020-14155 |
pcre: Integer overflow when parsing callout numeric arguments |
libpcre16-3 |
2:8.39-12 |
|
MEDIUM |
CVE-2020-14155 |
pcre: Integer overflow when parsing callout numeric arguments |
libpcre3 |
2:8.39-12 |
|
MEDIUM |
CVE-2020-14155 |
pcre: Integer overflow when parsing callout numeric arguments |
libpcre3-dev |
2:8.39-12 |
|
MEDIUM |
CVE-2020-14155 |
pcre: Integer overflow when parsing callout numeric arguments |
libpcre32-3 |
2:8.39-12 |
|
MEDIUM |
CVE-2020-14155 |
pcre: Integer overflow when parsing callout numeric arguments |
libpcrecpp0v5 |
2:8.39-12 |
|
MEDIUM |
CVE-2023-2455 |
postgresql: row security policies disregard user ID changes after inlining. |
libpq-dev |
11.16-0+deb10u1 |
11.20-0+deb10u1 |
MEDIUM |
CVE-2023-5868 |
postgresql: Memory disclosure in aggregate function calls |
libpq-dev |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
MEDIUM |
CVE-2023-5870 |
postgresql: Role pg_signal_backend can signal certain superuser processes. |
libpq-dev |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
MEDIUM |
CVE-2023-2455 |
postgresql: row security policies disregard user ID changes after inlining. |
libpq5 |
11.16-0+deb10u1 |
11.20-0+deb10u1 |
MEDIUM |
CVE-2023-5868 |
postgresql: Memory disclosure in aggregate function calls |
libpq5 |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
MEDIUM |
CVE-2023-5870 |
postgresql: Role pg_signal_backend can signal certain superuser processes. |
libpq5 |
11.16-0+deb10u1 |
11.22-0+deb10u1 |
MEDIUM |
CVE-2020-8492 |
python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2020-8492 |
python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2021-3426 |
python: Information disclosure via pydoc |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2022-48564 |
python: DoS when processing malformed Apple Property List files in binary format |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2021-3426 |
python: Information disclosure via pydoc |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2022-48564 |
python: DoS when processing malformed Apple Property List files in binary format |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libquadmath0 |
8.3.0-6 |
|
MEDIUM |
CVE-2019-20446 |
librsvg: Resource exhaustion via crafted SVG file with nested patterns |
librsvg2-2 |
2.44.10-2.1 |
2.44.10-2.1+deb10u1 |
MEDIUM |
CVE-2019-20446 |
librsvg: Resource exhaustion via crafted SVG file with nested patterns |
librsvg2-common |
2.44.10-2.1 |
2.44.10-2.1+deb10u1 |
MEDIUM |
CVE-2019-20446 |
librsvg: Resource exhaustion via crafted SVG file with nested patterns |
librsvg2-dev |
2.44.10-2.1 |
2.44.10-2.1+deb10u1 |
MEDIUM |
CVE-2019-19645 |
sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2019-19924 |
sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rew |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2020-13631 |
sqlite: Virtual table can be renamed into the name of one of its shadow tables |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2019-19645 |
sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2019-19924 |
sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rew |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2020-13631 |
sqlite: Virtual table can be renamed into the name of one of its shadow tables |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
MEDIUM |
CVE-2022-2097 |
openssl: AES OCB fails to encrypt some bytes |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2022-4304 |
openssl: timing attack in RSA Decryption implementation |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2023-0465 |
openssl: Invalid certificate policies in leaf certificates are silently ignored |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-0466 |
openssl: Certificate policy check not enabled |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-2650 |
openssl: Possible DoS translating ASN.1 object identifiers |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
libssl-dev |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
libssl-dev |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
libssl-dev |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2022-2097 |
openssl: AES OCB fails to encrypt some bytes |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2022-4304 |
openssl: timing attack in RSA Decryption implementation |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2023-0465 |
openssl: Invalid certificate policies in leaf certificates are silently ignored |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-0466 |
openssl: Certificate policy check not enabled |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-2650 |
openssl: Possible DoS translating ASN.1 object identifiers |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
libssl1.1 |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
libssl1.1 |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
libssl1.1 |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libstdc++-8-dev |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libstdc++6 |
8.3.0-6 |
|
MEDIUM |
CVE-2021-3997 |
Uncontrolled recursion in systemd-tmpfiles when removing files |
libsystemd0 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2022-3821 |
systemd: buffer overrun in format_timespan() function |
libsystemd0 |
241-7~deb10u8 |
241-7~deb10u10 |
MEDIUM |
CVE-2022-4415 |
systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setti |
libsystemd0 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2023-7008 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
libsystemd0 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2022-1354 |
libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-1355 |
libtiff: stack-buffer-overflow in tiffcp.c in main() |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2056 |
division by zero issues in tiffcrop |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2057 |
division by zero issues in tiffcrop |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2058 |
division by zero issues in tiffcrop |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2867 |
uint32_t underflow leads to out of bounds read and write in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2868 |
Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2869 |
tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-34526 |
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3570 |
libtiff: heap Buffer overflows in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3597 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3598 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3599 |
libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3626 |
libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3627 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-40090 |
libtiff: infinite loop via a crafted TIFF file |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2022-4645 |
libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-48281 |
libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u6 |
MEDIUM |
CVE-2023-0795 |
libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0796 |
libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0797 |
libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0798 |
libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0799 |
libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0800 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0801 |
libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tool |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0802 |
libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0803 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0804 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-25435 |
libtiff: tiffcrop: heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-30086 |
libtiff: Heap buffer overflow in tiffcp() at tiffcp.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-30774 |
libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS va |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2022-1354 |
libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-1355 |
libtiff: stack-buffer-overflow in tiffcp.c in main() |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2056 |
division by zero issues in tiffcrop |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2057 |
division by zero issues in tiffcrop |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2058 |
division by zero issues in tiffcrop |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2867 |
uint32_t underflow leads to out of bounds read and write in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2868 |
Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2869 |
tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-34526 |
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3570 |
libtiff: heap Buffer overflows in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3597 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3598 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3599 |
libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3626 |
libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3627 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-40090 |
libtiff: infinite loop via a crafted TIFF file |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2022-4645 |
libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-48281 |
libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u6 |
MEDIUM |
CVE-2023-0795 |
libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0796 |
libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0797 |
libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0798 |
libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0799 |
libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0800 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0801 |
libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tool |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0802 |
libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0803 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0804 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-25435 |
libtiff: tiffcrop: heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-30086 |
libtiff: Heap buffer overflow in tiffcp() at tiffcp.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-30774 |
libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS va |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2022-1354 |
libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-1355 |
libtiff: stack-buffer-overflow in tiffcp.c in main() |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2056 |
division by zero issues in tiffcrop |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2057 |
division by zero issues in tiffcrop |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2058 |
division by zero issues in tiffcrop |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2867 |
uint32_t underflow leads to out of bounds read and write in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2868 |
Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-2869 |
tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-34526 |
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3570 |
libtiff: heap Buffer overflows in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3597 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3598 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3599 |
libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3626 |
libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-3627 |
libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-40090 |
libtiff: infinite loop via a crafted TIFF file |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2022-4645 |
libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2022-48281 |
libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u6 |
MEDIUM |
CVE-2023-0795 |
libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0796 |
libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0797 |
libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0798 |
libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0799 |
libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0800 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0801 |
libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tool |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0802 |
libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0803 |
libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-0804 |
libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-25433 |
libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-25435 |
libtiff: tiffcrop: heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u7 |
MEDIUM |
CVE-2023-26965 |
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-26966 |
libtiff: Buffer Overflow in uv_encode() |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-2908 |
libtiff: null pointer dereference in tif_dir.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-30086 |
libtiff: Heap buffer overflow in tiffcp() at tiffcp.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-30774 |
libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS va |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u5 |
MEDIUM |
CVE-2023-3316 |
libtiff: tiffcrop: null pointer dereference in TIFFClose() |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-3576 |
libtiff: memory leak in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2023-3618 |
libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-40745 |
libtiff: integer overflow in tiffcp.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-41175 |
libtiff: potential integer overflow in raw2tiff.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
4.1.0+git191117-2~deb10u8 |
MEDIUM |
CVE-2023-6277 |
libtiff: Out-of-memory in TIFFOpen via a craft file |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
libtinfo6 |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
libtinfo6 |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libtsan0 |
8.3.0-6 |
|
MEDIUM |
CVE-2023-4039 |
gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 |
libubsan1 |
8.3.0-6 |
|
MEDIUM |
CVE-2021-3997 |
Uncontrolled recursion in systemd-tmpfiles when removing files |
libudev1 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2022-3821 |
systemd: buffer overrun in format_timespan() function |
libudev1 |
241-7~deb10u8 |
241-7~deb10u10 |
MEDIUM |
CVE-2022-4415 |
systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setti |
libudev1 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2023-7008 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
libudev1 |
241-7~deb10u8 |
|
MEDIUM |
CVE-2020-28935 |
unbound: symbolic link traversal when writing PID file |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u3 |
MEDIUM |
CVE-2022-30698 |
unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malic |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u3 |
MEDIUM |
CVE-2022-30699 |
unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malic |
libunbound8 |
1.9.0-2+deb10u2 |
1.9.0-2+deb10u3 |
MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-6 |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-6 |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-data |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-data |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2023-43785 |
libX11: out-of-bounds memory access in _XkbReadKeySyms() |
libx11-dev |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2023-43786 |
libX11: stack exhaustion from infinite recursion in PutSubImage() |
libx11-dev |
2:1.6.7-1+deb10u2 |
2:1.6.7-1+deb10u4 |
MEDIUM |
CVE-2016-3709 |
libxml2: Incorrect server side include parsing can lead to XSS |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2016-9318 |
libxml2: XML External Entity vulnerability |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2023-28484 |
libxml2: NULL dereference in xmlSchemaFixupComplexType |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u6 |
MEDIUM |
CVE-2023-29469 |
libxml2: Hashing of empty dict strings isn't deterministic |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u6 |
MEDIUM |
CVE-2023-39615 |
libxml2: crafted xml can cause global buffer overflow |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2023-45322 |
libxml2: use-after-free in xmlUnlinkNode() in tree.c |
libxml2 |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2016-3709 |
libxml2: Incorrect server side include parsing can lead to XSS |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2016-9318 |
libxml2: XML External Entity vulnerability |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2023-28484 |
libxml2: NULL dereference in xmlSchemaFixupComplexType |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u6 |
MEDIUM |
CVE-2023-29469 |
libxml2: Hashing of empty dict strings isn't deterministic |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
2.9.4+dfsg1-7+deb10u6 |
MEDIUM |
CVE-2023-39615 |
libxml2: crafted xml can cause global buffer overflow |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2023-45322 |
libxml2: use-after-free in xmlUnlinkNode() in tree.c |
libxml2-dev |
2.9.4+dfsg1-7+deb10u4 |
|
MEDIUM |
CVE-2019-15213 |
kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2019-15794 |
kernel: Overlayfs in the Linux kernel and shiftfs not restoring original value on error leading to |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2019-16089 |
Improper return check in nbd_genl_status function in drivers/block/nbd.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2019-20794 |
kernel: task processes not being properly ended could lead to resource exhaustion |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-12363 |
kernel: Improper input validation in some Intel(R) Graphics Drivers |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-12364 |
kernel: Null pointer dereference in some Intel(R) Graphics Drivers |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-14304 |
ethtool when reading eeprom of device could lead to memory leak |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-16120 |
kernel: incorrect unprivileged overlayfs permission checking may lead to information disclosure |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-26141 |
kernel: not verifying TKIP MIC of fragmented frames |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-26145 |
kernel: accepting plaintext broadcast fragments as full frames |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-26541 |
kernel: security bypass in certs/blacklist.c and certs/system_keyring.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-27835 |
kernel: child process is able to access parent mm through hfi dev file handle |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-36310 |
kernel: infinite loop in set_memory_region_test in arch/x86/kvm/svm/svm.c for certain nested page fa |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-36691 |
kernel: lib/nlattr.c allows attackers to cause a denial of service |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-36694 |
use-after-free in the packet processing context |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2020-36775 |
kernel: potential deadlock in f2fs_write_single_data_page |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-33061 |
kernel: insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapter |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-33630 |
kernel: net/sched: cbs NULL pointer dereference when offloading is enabled |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-33655 |
kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2021-33656 |
when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2021-3669 |
reading /proc/sysvipc/shm does not scale with large shared memory segment counts |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-3759 |
unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-4159 |
kernel: another kernel ptr leak vulnerability via BPF in coerce_reg_to_size |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2021-44879 |
NULL pointer dereference in folio_mark_dirty() via a crafted f2fs image |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2021-46925 |
kernel: net/smc: fix kernel panic caused by race of smc_sock |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2021-46926 |
kernel: ALSA: hda: intel-sdw-acpi: harden detection of controller |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-0480 |
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-0494 |
information leak in scsi_ioctl() |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-0812 |
NFS over RDMA random memory leakage |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-0854 |
kernel: swiotlb information leak with DMA_FROM_DEVICE |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1016 |
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1184 |
kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-1195 |
A possible race condition (use-after-free) in drivers/net/hamradio/6pack ( mkiss.c) after unregister |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1198 |
use-after-free in drivers/net/hamradio/6pack.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1204 |
kernel: Use after free in net/ax25/af_ax25.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1205 |
kernel: Null pointer dereference and use after free in net/ax25/ax25_timer.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1280 |
concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-1462 |
kernel: possible race condition in drivers/tty/tty_buffers.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-1516 |
null-ptr-deref caused by x25_disconnect |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1974 |
use-after-free in /net/nfc/core.c causes kernel crash by simulating nfc device from user-space |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-1975 |
kernel: sleep in atomic bug when firmware download timeout |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-20369 |
kernel: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-20423 |
In rndis_set_response of rndis.c, there is a possible out of bounds wr ... |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-20572 |
kernel: missing DM_TARGET_IMMUTABLE feature flag in verity_target in drivers/md/dm-verity-target.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-21123 |
incomplete clean-up of multi-core shared buffers (aka SBDR) |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-21125 |
incomplete clean-up of microarchitectural fill buffers (aka SBDS) |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-21166 |
incomplete clean-up in specific special register write operations (aka DRPW) |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-21499 |
kernel: possible to use the debugger to write zero into a location of choice |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-2153 |
NULL pointer dereference in kvm_irq_delivery_to_apic_fast() |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-2318 |
Kernel: A use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-2380 |
kernel: vulnerability in sm712fb driver |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-23960 |
hw: cpu: arm64: Spectre-BHB |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-2503 |
kernel: LoadPin bypass via dm-verity table reload |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-26373 |
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-2663 |
kernel: netfilter: nf_conntrack_irc message handling issue |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-27672 |
kernel: AMD: Cross-Thread Return Address Predictions |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-28356 |
kernel: refcount leak in llc_ui_bind and llc_ui_autobind |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-28388 |
kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-28389 |
kernel: a double free in mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
MEDIUM |
CVE-2022-2873 |
kernel: an out-of-bounds vulnerability in i2c-ismt driver |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2022-29900 |
hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-29901 |
hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-3061 |
kernel: fbdev: i740fb: divide-by-zero in drivers/video/fbdev/i740fb.c could lead to DoS |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3107 |
NULL pointer dereference in netvsc_get_ethtool_stats() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-3108 |
NULL pointer dereference in kfd_parse_subtype_iolink() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3111 |
memory leak in free_charger_irq() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2022-3115 |
NULL pointer dereference in malidp_crtc_reset() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3169 |
Kernel: Request to NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET may cause a DOS. |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3303 |
race condition in snd_pcm_oss_sync leads to NULL pointer dereference |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3344 |
nested shutdown interception could lead to host crash |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-33744 |
Arm guests can cause Dom0 DoS via PV devices When mapping pages of gue ... |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-3523 |
Kernel: race when faulting a device private page in memory manager |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3524 |
kernel: memory leak in ipv6_renew_options() |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-3567 |
kernel: data races around sk->sk_prot |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-3586 |
kernel: net scheduler use-after-free information disclosure vulnerability |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-3594 |
kernel: Rate limit overflow messages in r8152 in intr_callback |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-3621 |
kernel: nilfs2: NULL pointer dereference in nilfs_bmap_lookup_at_level in fs/nilfs2/inode.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-3628 |
kernel: USB-accessible buffer overflow in brcmfmac |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-36280 |
out-of-bounds write in vmw_kms_cursor_snoop |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2022-3643 |
Xen Security Advisory 423 v1: Guests can trigger NIC interface reset/abort/crash via netback |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-3646 |
kernel: nilfs2: memory leak in nilfs_attach_log_writer in fs/nilfs2/segment.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-36879 |
kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-3707 |
kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2022-3903 |
kernel: An invalid pipe direction in the mceusb driver cause the kernel to DOS |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-39188 |
kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-39842 |
Kernel: A type conflict of size_t versus int cause an integer overflow in pxa3xx_gcu_write |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-40307 |
kernel: use-after-free in efi_capsule_write in capsule-loader.c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-40768 |
kernel: leak of sensitive information due to uninitialized data in stex_queuecommand_lck() in driver |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-40982 |
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability |
linux-libc-dev |
4.19.235-1 |
4.19.289-2 |
MEDIUM |
CVE-2022-41218 |
kernel: Report vmalloc UAF in dvb-core/dmxdev |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2022-4129 |
kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-41849 |
Kernel: A race between ufx_ops_open() and ufx_usb_disconnect() may result in UAF |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-41850 |
Race condition in roccat_report_event in drivers/hid/hid-roccat.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-42328 |
CVE-2022-42329 kernel: Xen Security Advisory 424 v1: guests can trigger deadlock in Linux netback dr |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-42329 |
CVE-2022-42328 CVE-2022-42329 kernel: Xen Security Advisory 424 v1: guests can trigger deadlock in L |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-4269 |
CPU soft lockup in TC mirred egress-to-ingress action |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-42703 |
use-after-free related to leaf anon_vma double reuse |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-42895 |
kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-43750 |
kernel: memory corruption in usbmon driver |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2022-4382 |
kernel: usb: use-after-free write in put_dev |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-4543 |
kernel: KASLR Prefetch Bypass Breaks KPTI |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2022-4662 |
Recursive locking violation in usb-storage that can cause the kernel to deadlock |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2022-47929 |
kernel: NULL pointer dereference in traffic control subsystem |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2022-48619 |
kernel: event code falling outside of a bitmap in input_set_capability() leads to panic |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2023-0160 |
possibility of deadlock in libbpf function sock_hash_delete_elem |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-0394 |
kernel: NULL pointer dereference in rawv6_push_pending_frames |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-0458 |
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-0459 |
kernel: Copy_from_user on 64-bit versions may leak kernel information |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-0590 |
kernel: use-after-free due to race condition in qdisc_graft() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-0597 |
kernel: x86/mm: Randomize per-cpu entry area |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-0615 |
multiple issues for the Video for Linux version 2 test driver |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1073 |
kernel: HID: check empty report_list in hid_validate_values() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1074 |
kernel: sctp: fail if no bound addresses can be used for a given scope |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1076 |
kernel: tap: tap_open(): correctly initialize socket uid |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-1079 |
kernel: hid: Use After Free in asus_remove() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1095 |
kernel: netfilter: NULL pointer dereference in nf_tables due to zeroed list head |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2023-1206 |
kernel: hash collisions in the IPv6 connection lookup table |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-1249 |
kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the cor |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-1382 |
kernel: denial of service in tipc_conn_close |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
MEDIUM |
CVE-2023-1582 |
kernel: Soft lockup occurred during __page_mapcount |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-1637 |
kernel: save/restore speculative MSRs during S3 suspend/resume |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2023-1855 |
kernel: use-after-free bug in remove function xgene_hwmon_remove |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1859 |
kernel: Use after free in xen_9pfs_front_remove due to race condition |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1990 |
Use after free bug in ndlc_remove due to race condition |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-1998 |
kernel: Spectre v2 SMT mitigations problem |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-2002 |
Kernel: bluetooth: Unauthorized management command execution |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-20569 |
hw amd: Return Address Predictor vulnerability leading to information disclosure |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-20588 |
division-by-zero may resulting in loss of confidentiality |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-20593 |
hw: amd: Cross-Process Information Leak |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-2162 |
kernel: UAF during login when accessing the shost ipaddress |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-2177 |
Kernel: NULL pointer dereference problem in sctp_sched_dequeue_common |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-2194 |
kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-2269 |
kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-23454 |
kernel: slab-out-of-bounds read vulnerabilities in cbq_classify |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-23455 |
Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-2513 |
kernel: ext4: use-after-free in ext4_xattr_set_entry() |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2023-26545 |
kernel: mpls: double free on sysctl allocation failure |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-28328 |
kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-2860 |
out-of-bounds read when setting HMAC data |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
MEDIUM |
CVE-2023-2985 |
use-after-free issue in hfsplus_release_folio in fs/hfsplus/super.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-3006 |
RHEL: Add Spectre-BHB mitigation for AmpereOne |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-3022 |
kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-30456 |
kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-30772 |
race condition leading to use-after-free in da9150_charger_remove() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-31082 |
kernel: sleeping function called from an invalid context in gsmld_write |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-31083 |
kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-31084 |
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-3159 |
kernel: use after free issue in driver/firewire in outbound_phy_packet_callback |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2023-3161 |
kernel: fbcon: shift-out-of-bounds in fbcon_set_font() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-3212 |
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-3220 |
NULL pointer dereference in dpu_crtc_atomic_check() in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-32269 |
user after free in nr_listen in net/netrom/af_netrom.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-33203 |
kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-33288 |
use-after-free in bq24190_remove in drivers/power/supply/bq24190_charger.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-3338 |
crash due to a NULL pointer dereference in the dn_nsp_send function |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-3358 |
kernel: NULL pointer dereference due to missing kalloc() return value check in shtp_cl_get_dma_send_ |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-3397 |
slab-use-after-free Write in txEnd due to race condition |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-34256 |
Out of bounds read in crc16 in lib/crc16.c |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
MEDIUM |
CVE-2023-34324 |
Closing of an event channel in the Linux kernel can result in a deadlo ... |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-37453 |
kernel: usb: out-of-bounds read in read_descriptors |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-37454 |
kernel: udf: use-after-free write in udf_close_lvid |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-3772 |
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-3863 |
use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-39189 |
kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-39192 |
kernel: netfilter: xtables out-of-bounds read in u32_match_it() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-39193 |
kernel: netfilter: xtables sctp out-of-bounds read in match_flags() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-39194 |
kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-39198 |
kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-4010 |
kernel: usb: hcd: malformed USB descriptor leads to infinite loop in usb_giveback_urb() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-4132 |
kernel: smsusb: use-after-free caused by do_submit_urb() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-4133 |
kernel: cxgb4: use-after-free in ch_flower_stats_cb() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-4194 |
kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-42754 |
kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-42755 |
kernel: rsvp: out-of-bounds read in rsvp_classify() |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-4385 |
NULL pointer dereference in dbFree() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2023-4459 |
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
MEDIUM |
CVE-2023-4569 |
kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-45862 |
kernel: drivers/usb/storage/ene_ub6250.c |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2023-45863 |
kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-46343 |
kernel: NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2023-47233 |
kernel: Use after free in brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm8 |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52340 |
kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52429 |
kernel: missing check for struct in dm-table.c can cause a crash |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52434 |
kernel: smb: client: fix potential OOBs in smb2_parse_contexts() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52435 |
kernel: net: prevent mss overflow in skb_segment() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52436 |
kernel: f2fs: explicitly null-terminate the xattr list |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52451 |
kernel: powerpc: Fix access beyond end of drmem array |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52458 |
kernel: block: add check that partition length needs to be aligned with block size |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52469 |
kernel: use-after-free in kv_parse_power_table |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-52470 |
kernel: null-ptr-deref in alloc_workqueue |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-6121 |
kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-6240 |
kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-6915 |
kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-7042 |
kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-7192 |
kernel: refcount leak in ctnetlink_create_conntrack() |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
MEDIUM |
CVE-2024-0340 |
kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-0564 |
kernel: max page sharing of Kernel Samepage Merging (KSM) may cause memory deduplication |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-0607 |
kernel: nf_tables: pointer math issue in nft_byteorder_eval() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-0639 |
kernel: potential deadlock on &net->sctp.addr_wq_lock leading to DOS |
linux-libc-dev |
4.19.235-1 |
4.19.304-1 |
MEDIUM |
CVE-2024-1151 |
kernel: stack overflow problem in Open vSwitch kernel module leading to DoS |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-22099 |
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-22386 |
A race condition was found in the Linux kernel's drm/exynos device dri ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-23196 |
kernel: Race condition in snd_hdac_regmap_sync() in sound/hda |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-23848 |
kernel: use-after-free in cec_queue_msg_fh |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-23849 |
kernel: off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds ac |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-23851 |
kernel: copy_params can attempt to allocate more than INT_MAX bytes and crash |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24855 |
kernel: Race condition in lpfc_unregister_fcf_rescan() in scsi/lpfc/lpfc_hbadisc.c |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24857 |
kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24858 |
kernel: net/bluetooth: race condition in {conn,adv}_{min,max}_interval_set() function |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24859 |
A race condition was found in the Linux kernel's net/bluetooth in snif ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24860 |
A race condition was found in the Linux kernel's bluetooth device driv ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24861 |
A race condition was found in the Linux kernel's media/xc4000 device d ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-24864 |
A race condition was found in the Linux kernel's media/dvb-core in dvb ... |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-25739 |
kernel: crash due to a missing check for leb_size |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-25740 |
kernel: memory leak in ubi driver |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-25741 |
kernel: f_printer: crash leading to denial of service |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-26584 |
kernel: tls: handle backlogging of crypto requests |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-26586 |
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-26593 |
kernel: i2c: i801: Fix block process call transactions |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-26598 |
kernel: kvm: Avoid potential UAF in LPI translation cache |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2024-26600 |
kernel: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP |
linux-libc-dev |
4.19.235-1 |
|
MEDIUM |
CVE-2023-4641 |
shadow-utils: possible password leak during passwd(1) change |
login |
1:4.5-1.1 |
|
MEDIUM |
CVE-2022-21427 |
mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-38791 |
mariadb: compress_write() fails to release mutex on failure |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u1 |
MEDIUM |
CVE-2022-47015 |
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u1 |
MEDIUM |
CVE-2023-22084 |
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.39-0+deb10u2 |
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
ncurses-base |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
ncurses-base |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2020-19189 |
ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 |
ncurses-bin |
6.1+20181013-2+deb10u2 |
6.1+20181013-2+deb10u4 |
MEDIUM |
CVE-2023-50495 |
ncurses: segmentation fault via _nc_wrap_entry() |
ncurses-bin |
6.1+20181013-2+deb10u2 |
|
MEDIUM |
CVE-2023-48795 |
ssh: Prefix truncation attack on Binary Packet Protocol (BPP) |
openssh-client |
1:7.9p1-10+deb10u2 |
1:7.9p1-10+deb10u4 |
MEDIUM |
CVE-2023-51385 |
openssh: potential command injection via shell metacharacters |
openssh-client |
1:7.9p1-10+deb10u2 |
1:7.9p1-10+deb10u4 |
MEDIUM |
CVE-2022-2097 |
openssl: AES OCB fails to encrypt some bytes |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2022-4304 |
openssl: timing attack in RSA Decryption implementation |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u4 |
MEDIUM |
CVE-2023-0465 |
openssl: Invalid certificate policies in leaf certificates are silently ignored |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-0466 |
openssl: Certificate policy check not enabled |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-2650 |
openssl: Possible DoS translating ASN.1 object identifiers |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u5 |
MEDIUM |
CVE-2023-3446 |
openssl: Excessive time spent checking DH keys and parameters |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-3817 |
OpenSSL: Excessive time spent checking DH q parameter value |
openssl |
1.1.1n-0+deb10u2 |
1.1.1n-0+deb10u6 |
MEDIUM |
CVE-2023-5678 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or par |
openssl |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2024-0727 |
openssl: denial of service via null dereference |
openssl |
1.1.1n-0+deb10u2 |
|
MEDIUM |
CVE-2023-4641 |
shadow-utils: possible password leak during passwd(1) change |
passwd |
1:4.5-1.1 |
|
MEDIUM |
CVE-2020-8492 |
python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python2.7 |
2.7.16-2+deb10u1 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python2.7 |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2020-8492 |
python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u2 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python2.7-minimal |
2.7.16-2+deb10u1 |
2.7.16-2+deb10u3 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
python3.7 |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2021-3426 |
python: Information disclosure via pydoc |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2022-48564 |
python: DoS when processing malformed Apple Property List files in binary format |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python3.7 |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python3.7 |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2021-23336 |
python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolo |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2021-3426 |
python: Information disclosure via pydoc |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-3733 |
python: urllib: Regular expression DoS in AbstractBasicAuthHandler |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2021-4189 |
python: ftplib should not use the host from the PASV response |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u5 |
MEDIUM |
CVE-2022-48564 |
python: DoS when processing malformed Apple Property List files in binary format |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2023-27043 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
MEDIUM |
CVE-2023-40217 |
python: TLS handshake bypass |
python3.7-minimal |
3.7.3-2+deb10u3 |
3.7.3-2+deb10u6 |
MEDIUM |
CVE-2022-0529 |
Heap out-of-bound writes and reads during conversion of wide string to local string |
unzip |
6.0-23+deb10u2 |
6.0-23+deb10u3 |
MEDIUM |
CVE-2022-0530 |
SIGSEGV during the conversion of an utf-8 string to a local string |
unzip |
6.0-23+deb10u2 |
6.0-23+deb10u3 |
MEDIUM |
CVE-2021-31879 |
wget: authorization header disclosure on redirect |
wget |
1.20.1-1.1 |
|
MEDIUM |
CVE-2023-26159 |
follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() |
follow-redirects |
1.15.2 |
1.15.4 |
MEDIUM |
CVE-2023-42282 |
nodejs-ip: arbitrary code execution via the isPublic() function |
ip |
1.1.5 |
2.0.1, 1.1.9 |
MEDIUM |
CVE-2023-42282 |
nodejs-ip: arbitrary code execution via the isPublic() function |
ip |
1.1.8 |
2.0.1, 1.1.9 |
MEDIUM |
CVE-2023-42282 |
nodejs-ip: arbitrary code execution via the isPublic() function |
ip |
2.0.0 |
2.0.1, 1.1.9 |
MEDIUM |
CVE-2023-42282 |
nodejs-ip: arbitrary code execution via the isPublic() function |
ip |
2.0.0 |
2.0.1, 1.1.9 |
MEDIUM |
CVE-2023-44270 |
An issue was discovered in PostCSS before 8.4.31. The vulnerability af ... |
postcss |
8.4.5 |
8.4.31 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
5.7.1 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
6.3.0 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
7.3.5 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
7.3.5 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-25883 |
nodejs-semver: Regular expression denial of service |
semver |
7.3.5 |
7.5.2, 6.3.1, 5.7.2 |
MEDIUM |
CVE-2022-29526 |
golang: syscall: faccessat checks wrong group |
golang.org/x/sys |
v0.0.0-20210908233432-aa78b53d3365 |
0.0.0-20220412211240-33da011f77ad |
LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
apt |
1.8.2.3 |
|
LOW |
CVE-2019-18276 |
bash: when effective UID is not equal to its real UID the saved UID is not dropped |
bash |
5.0-4 |
|
LOW |
TEMP-0841856-B18BAF |
[Privilege escalation possible to other user than root] |
bash |
5.0-4 |
|
LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-1000876 |
binutils: integer overflow leads to heap-based buffer overflow in objdump |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-12697 |
binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-12698 |
binutils: excessive memory consumption in demangle_template in cplus-dem.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-12699 |
binutils: heap-based buffer overflow in finish_stab in stabs.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-17358 |
binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-17359 |
binutils: invalid memory access in bfd_zalloc in opncls.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-17360 |
binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-17794 |
binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-17985 |
binutils: Stack consumption problem caused by the cplus_demangle_type |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18309 |
binutils: invalid memory address dereference in read_reloc in reloc.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18484 |
binutils: Stack exhaustion in cp-demangle.c allows for denial of service |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18605 |
binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18606 |
binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18607 |
binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18700 |
binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-18701 |
binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-19931 |
binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-19932 |
binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20002 |
binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20651 |
binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20671 |
binutils: Integer overflow in load_specific_debug_section function |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-9138 |
binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty |
binutils |
2.31.1-16 |
|
LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-1010180 |
gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-1010204 |
Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-12972 |
binutils: out-of-bounds read in setup_group in bfd/elf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-14250 |
binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-14444 |
binutils: integer overflow in function apply_relocation in readelf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-17450 |
binutils: denial of service via crafted ELF file |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-17451 |
binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9070 |
binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9071 |
binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9073 |
binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9074 |
binutils: out-of-bound read in function bfd_getl32 in libbfd.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9075 |
binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2019-9077 |
binutils: heap-based buffer overflow in function process_mips_specific in readelf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-16590 |
binutils: double free vulnerability in process_symbol_table could result in DoS |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-16591 |
binutils: invalid read in process_symbol_table could result in DoS |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-16592 |
binutils: use-after-free in bfd_hash_lookup could result in DoS |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-16593 |
binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-16599 |
binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-19724 |
binutils: memory leak in get_data() in nm.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-19726 |
binutils: heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-21490 |
binutils: memory leak in get_field() in microblaze-dis.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35342 |
binutils: uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35493 |
heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35494 |
usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35495 |
NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35496 |
NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2020-35507 |
NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-20294 |
binutils: stack buffer overflow WRITE may lead to a DoS via a crafted ELF |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-3826 |
libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-46174 |
binutils: heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump |
binutils |
2.31.1-16 |
|
LOW |
CVE-2021-46195 |
uncontrolled recursion in libiberty/rust-demangle.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-35205 |
binutils: reachable assertion in display_debug_names() in dwarf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-35206 |
binutils: NULL pointer dereference in read_and_display_attr_value() in dwarf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-38533 |
binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-4285 |
binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-44840 |
binutils: heap-based buffer overflow in find_section_in_set() in readelf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-45703 |
binutils: heap-based buffer overflow in display_debug_section() in readelf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47007 |
binutils: memory leak in stab_demangle_v3_arg() in stabs.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47008 |
binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47010 |
binutils: memory leak in pr_function_type() in prdbg.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47011 |
binutils: memory leak in parse_stab_struct_fields() in stabs.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47673 |
binutils: out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47695 |
binutils: uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-47696 |
binutils: segmentation fault in compare_symbols() in objdump.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-48063 |
binutils: excessive memory consumption in load_separate_debug_files() in dwarf.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-48064 |
binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2022-48065 |
binutils: memory leak in find_abstract_instance() in dwarf2.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-1579 |
binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-25584 |
binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-25585 |
binutils: Field file_table of struct module *module is uninitialized |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-25586 |
binutils: Local variable ch_type in function bfd_init_section_decompress_status can be uninitial |
binutils |
2.31.1-16 |
|
LOW |
CVE-2023-25588 |
binutils: Field the_bfd of asymbol is uninitialized in function `bfd_mach_o_get_synthetic_symtab |
binutils |
2.31.1-16 |
|
LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-1000876 |
binutils: integer overflow leads to heap-based buffer overflow in objdump |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-12697 |
binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-12698 |
binutils: excessive memory consumption in demangle_template in cplus-dem.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-12699 |
binutils: heap-based buffer overflow in finish_stab in stabs.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-17358 |
binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-17359 |
binutils: invalid memory access in bfd_zalloc in opncls.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-17360 |
binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-17794 |
binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-17985 |
binutils: Stack consumption problem caused by the cplus_demangle_type |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18309 |
binutils: invalid memory address dereference in read_reloc in reloc.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18484 |
binutils: Stack exhaustion in cp-demangle.c allows for denial of service |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18605 |
binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18606 |
binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18607 |
binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18700 |
binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-18701 |
binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-19931 |
binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-19932 |
binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20002 |
binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20651 |
binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20671 |
binutils: Integer overflow in load_specific_debug_section function |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-9138 |
binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-1010180 |
gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-1010204 |
Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-12972 |
binutils: out-of-bounds read in setup_group in bfd/elf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-14250 |
binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-14444 |
binutils: integer overflow in function apply_relocation in readelf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-17450 |
binutils: denial of service via crafted ELF file |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-17451 |
binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9070 |
binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9071 |
binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9073 |
binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9074 |
binutils: out-of-bound read in function bfd_getl32 in libbfd.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9075 |
binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2019-9077 |
binutils: heap-based buffer overflow in function process_mips_specific in readelf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-16590 |
binutils: double free vulnerability in process_symbol_table could result in DoS |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-16591 |
binutils: invalid read in process_symbol_table could result in DoS |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-16592 |
binutils: use-after-free in bfd_hash_lookup could result in DoS |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-16593 |
binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-16599 |
binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-19724 |
binutils: memory leak in get_data() in nm.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-19726 |
binutils: heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-21490 |
binutils: memory leak in get_field() in microblaze-dis.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35342 |
binutils: uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35493 |
heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35494 |
usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35495 |
NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35496 |
NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2020-35507 |
NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-20294 |
binutils: stack buffer overflow WRITE may lead to a DoS via a crafted ELF |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-3826 |
libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-46174 |
binutils: heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2021-46195 |
uncontrolled recursion in libiberty/rust-demangle.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-35205 |
binutils: reachable assertion in display_debug_names() in dwarf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-35206 |
binutils: NULL pointer dereference in read_and_display_attr_value() in dwarf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-38533 |
binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-4285 |
binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-44840 |
binutils: heap-based buffer overflow in find_section_in_set() in readelf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-45703 |
binutils: heap-based buffer overflow in display_debug_section() in readelf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47007 |
binutils: memory leak in stab_demangle_v3_arg() in stabs.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47008 |
binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47010 |
binutils: memory leak in pr_function_type() in prdbg.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47011 |
binutils: memory leak in parse_stab_struct_fields() in stabs.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47673 |
binutils: out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47695 |
binutils: uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-47696 |
binutils: segmentation fault in compare_symbols() in objdump.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-48063 |
binutils: excessive memory consumption in load_separate_debug_files() in dwarf.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-48064 |
binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2022-48065 |
binutils: memory leak in find_abstract_instance() in dwarf2.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-1579 |
binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-25584 |
binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-25585 |
binutils: Field file_table of struct module *module is uninitialized |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-25586 |
binutils: Local variable ch_type in function bfd_init_section_decompress_status can be uninitial |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2023-25588 |
binutils: Field the_bfd of asymbol is uninitialized in function `bfd_mach_o_get_synthetic_symtab |
binutils-common |
2.31.1-16 |
|
LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-1000876 |
binutils: integer overflow leads to heap-based buffer overflow in objdump |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-12697 |
binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-12698 |
binutils: excessive memory consumption in demangle_template in cplus-dem.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-12699 |
binutils: heap-based buffer overflow in finish_stab in stabs.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-17358 |
binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-17359 |
binutils: invalid memory access in bfd_zalloc in opncls.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-17360 |
binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-17794 |
binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-17985 |
binutils: Stack consumption problem caused by the cplus_demangle_type |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18309 |
binutils: invalid memory address dereference in read_reloc in reloc.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18484 |
binutils: Stack exhaustion in cp-demangle.c allows for denial of service |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18605 |
binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18606 |
binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18607 |
binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18700 |
binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-18701 |
binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-19931 |
binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-19932 |
binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20002 |
binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20651 |
binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20671 |
binutils: Integer overflow in load_specific_debug_section function |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-9138 |
binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-1010180 |
gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-1010204 |
Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-12972 |
binutils: out-of-bounds read in setup_group in bfd/elf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-14250 |
binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-14444 |
binutils: integer overflow in function apply_relocation in readelf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-17450 |
binutils: denial of service via crafted ELF file |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-17451 |
binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9070 |
binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9071 |
binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9073 |
binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9074 |
binutils: out-of-bound read in function bfd_getl32 in libbfd.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9075 |
binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2019-9077 |
binutils: heap-based buffer overflow in function process_mips_specific in readelf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-16590 |
binutils: double free vulnerability in process_symbol_table could result in DoS |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-16591 |
binutils: invalid read in process_symbol_table could result in DoS |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-16592 |
binutils: use-after-free in bfd_hash_lookup could result in DoS |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-16593 |
binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-16599 |
binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-19724 |
binutils: memory leak in get_data() in nm.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-19726 |
binutils: heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-21490 |
binutils: memory leak in get_field() in microblaze-dis.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35342 |
binutils: uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35493 |
heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35494 |
usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35495 |
NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35496 |
NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2020-35507 |
NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-20294 |
binutils: stack buffer overflow WRITE may lead to a DoS via a crafted ELF |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-3826 |
libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-46174 |
binutils: heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-46195 |
uncontrolled recursion in libiberty/rust-demangle.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-35205 |
binutils: reachable assertion in display_debug_names() in dwarf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-35206 |
binutils: NULL pointer dereference in read_and_display_attr_value() in dwarf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-38533 |
binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-4285 |
binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-44840 |
binutils: heap-based buffer overflow in find_section_in_set() in readelf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-45703 |
binutils: heap-based buffer overflow in display_debug_section() in readelf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47007 |
binutils: memory leak in stab_demangle_v3_arg() in stabs.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47008 |
binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47010 |
binutils: memory leak in pr_function_type() in prdbg.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47011 |
binutils: memory leak in parse_stab_struct_fields() in stabs.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47673 |
binutils: out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47695 |
binutils: uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-47696 |
binutils: segmentation fault in compare_symbols() in objdump.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-48063 |
binutils: excessive memory consumption in load_separate_debug_files() in dwarf.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-48064 |
binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2022-48065 |
binutils: memory leak in find_abstract_instance() in dwarf2.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-1579 |
binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-25584 |
binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-25585 |
binutils: Field file_table of struct module *module is uninitialized |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-25586 |
binutils: Local variable ch_type in function bfd_init_section_decompress_status can be uninitial |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2023-25588 |
binutils: Field the_bfd of asymbol is uninitialized in function `bfd_mach_o_get_synthetic_symtab |
binutils-x86-64-linux-gnu |
2.31.1-16 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
bsdutils |
1:2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
bsdutils |
1:2.33.1-0.1 |
|
LOW |
CVE-2016-2781 |
coreutils: Non-privileged session can escape to the parent session in chroot |
coreutils |
8.30-3 |
|
LOW |
CVE-2017-18018 |
coreutils: race condition vulnerability in chown and chgrp |
coreutils |
8.30-3 |
|
LOW |
CVE-2020-19909 |
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... |
curl |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22898 |
TELNET stack contents disclosure |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2021-22922 |
Content not matching hash in Metalink is not being discarded |
curl |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22923 |
Metalink download sends credentials |
curl |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22924 |
Bad connection reuse due to flawed path name checks |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2022-35252 |
curl: Incorrect handling of control code characters in cookies |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
LOW |
CVE-2023-28320 |
curl: siglongjmp race condition may lead to crash |
curl |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2023-28322 |
curl: more POST-after-PUT confusion |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
curl |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
dirmngr |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
dirmngr |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
fdisk |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
fdisk |
2.33.1-0.1 |
|
LOW |
CVE-2018-1000021 |
git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t |
git |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2022-24975 |
git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" |
git |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2023-25815 |
git: malicious placement of crafted messages when git was compiled with runtime prefix |
git |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2018-1000021 |
git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t |
git-man |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2022-24975 |
git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" |
git-man |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2023-25815 |
git: malicious placement of crafted messages when git was compiled with runtime prefix |
git-man |
1:2.20.1-2+deb10u3 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gnupg |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gnupg-l10n |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg-l10n |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gnupg-utils |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gnupg-utils |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpg |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpg-agent |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-agent |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpg-wks-client |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-wks-client |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpg-wks-server |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpg-wks-server |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpgconf |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgconf |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpgsm |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgsm |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2019-14855 |
gnupg2: OpenPGP Key Certification Forgeries with SHA-1 |
gpgv |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2022-3219 |
denial of service issue (resource consumption) using compressed packets |
gpgv |
2.2.12-1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
krb5-multidev |
1.17-3+deb10u3 |
|
LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
libapt-pkg5.0 |
1.8.2.3 |
|
LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-1000876 |
binutils: integer overflow leads to heap-based buffer overflow in objdump |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-12697 |
binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-12698 |
binutils: excessive memory consumption in demangle_template in cplus-dem.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-12699 |
binutils: heap-based buffer overflow in finish_stab in stabs.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-17358 |
binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-17359 |
binutils: invalid memory access in bfd_zalloc in opncls.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-17360 |
binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-17794 |
binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-17985 |
binutils: Stack consumption problem caused by the cplus_demangle_type |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18309 |
binutils: invalid memory address dereference in read_reloc in reloc.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18484 |
binutils: Stack exhaustion in cp-demangle.c allows for denial of service |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18605 |
binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18606 |
binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18607 |
binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18700 |
binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-18701 |
binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-19931 |
binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-19932 |
binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20002 |
binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20651 |
binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20671 |
binutils: Integer overflow in load_specific_debug_section function |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-9138 |
binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-1010180 |
gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-1010204 |
Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-12972 |
binutils: out-of-bounds read in setup_group in bfd/elf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-14250 |
binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-14444 |
binutils: integer overflow in function apply_relocation in readelf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-17450 |
binutils: denial of service via crafted ELF file |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-17451 |
binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9070 |
binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9071 |
binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9073 |
binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9074 |
binutils: out-of-bound read in function bfd_getl32 in libbfd.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9075 |
binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2019-9077 |
binutils: heap-based buffer overflow in function process_mips_specific in readelf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-16590 |
binutils: double free vulnerability in process_symbol_table could result in DoS |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-16591 |
binutils: invalid read in process_symbol_table could result in DoS |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-16592 |
binutils: use-after-free in bfd_hash_lookup could result in DoS |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-16593 |
binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-16599 |
binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-19724 |
binutils: memory leak in get_data() in nm.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-19726 |
binutils: heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-21490 |
binutils: memory leak in get_field() in microblaze-dis.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35342 |
binutils: uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35493 |
heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35494 |
usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35495 |
NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35496 |
NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2020-35507 |
NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-20294 |
binutils: stack buffer overflow WRITE may lead to a DoS via a crafted ELF |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-32256 |
binutils: stack-overflow issue in demangle_type in rust-demangle.c. |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-3826 |
libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-46174 |
binutils: heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-46195 |
uncontrolled recursion in libiberty/rust-demangle.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-35205 |
binutils: reachable assertion in display_debug_names() in dwarf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-35206 |
binutils: NULL pointer dereference in read_and_display_attr_value() in dwarf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-38533 |
binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-4285 |
binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-44840 |
binutils: heap-based buffer overflow in find_section_in_set() in readelf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-45703 |
binutils: heap-based buffer overflow in display_debug_section() in readelf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47007 |
binutils: memory leak in stab_demangle_v3_arg() in stabs.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47008 |
binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47010 |
binutils: memory leak in pr_function_type() in prdbg.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47011 |
binutils: memory leak in parse_stab_struct_fields() in stabs.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47673 |
binutils: out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47695 |
binutils: uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-47696 |
binutils: segmentation fault in compare_symbols() in objdump.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-48063 |
binutils: excessive memory consumption in load_separate_debug_files() in dwarf.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-48064 |
binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2022-48065 |
binutils: memory leak in find_abstract_instance() in dwarf2.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-1579 |
binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-1972 |
binutils: Illegal memory access when accessing a zer0-lengthverdef table |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-25584 |
binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-25585 |
binutils: Field file_table of struct module *module is uninitialized |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-25586 |
binutils: Local variable ch_type in function bfd_init_section_decompress_status can be uninitial |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2023-25588 |
binutils: Field the_bfd of asymbol is uninitialized in function `bfd_mach_o_get_synthetic_symtab |
libbinutils |
2.31.1-16 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libblkid-dev |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libblkid-dev |
2.33.1-0.1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libblkid1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libblkid1 |
2.33.1-0.1 |
|
LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-19126 |
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2021-27645 |
glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c |
libc-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-19126 |
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.28-10+deb10u1 |
|
LOW |
CVE-2021-27645 |
glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c |
libc-dev-bin |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-19126 |
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.28-10+deb10u1 |
|
LOW |
CVE-2021-27645 |
glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c |
libc6 |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2019-19126 |
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.28-10+deb10u1 |
|
LOW |
CVE-2021-27645 |
glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c |
libc6-dev |
2.28-10+deb10u1 |
2.28-10+deb10u2 |
LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo-gobject2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo-gobject2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo-gobject2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo-gobject2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo-script-interpreter2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo-script-interpreter2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo-script-interpreter2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo-script-interpreter2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo2 |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2017-7475 |
cairo: NULL pointer dereference with a crafted font file |
libcairo2-dev |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2018-18064 |
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document |
libcairo2-dev |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6461 |
cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c |
libcairo2-dev |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2019-6462 |
cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c |
libcairo2-dev |
1.16.0-4+deb10u1 |
|
LOW |
CVE-2017-8834 |
Memory allocation failure in the cr_tknzr_parse_comment function |
libcroco3 |
0.6.12-3 |
|
LOW |
CVE-2017-8871 |
Infinite loop in the cr_parser_parse_selector_core function |
libcroco3 |
0.6.12-3 |
|
LOW |
CVE-2020-12825 |
libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c |
libcroco3 |
0.6.12-3 |
|
LOW |
CVE-2020-19909 |
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22898 |
TELNET stack contents disclosure |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2021-22922 |
Content not matching hash in Metalink is not being discarded |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22923 |
Metalink download sends credentials |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22924 |
Bad connection reuse due to flawed path name checks |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2022-35252 |
curl: Incorrect handling of control code characters in cookies |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
LOW |
CVE-2023-28320 |
curl: siglongjmp race condition may lead to crash |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2023-28322 |
curl: more POST-after-PUT confusion |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl3-gnutls |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
LOW |
CVE-2020-19909 |
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... |
libcurl4 |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22898 |
TELNET stack contents disclosure |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2021-22922 |
Content not matching hash in Metalink is not being discarded |
libcurl4 |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22923 |
Metalink download sends credentials |
libcurl4 |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22924 |
Bad connection reuse due to flawed path name checks |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2022-35252 |
curl: Incorrect handling of control code characters in cookies |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
LOW |
CVE-2023-28320 |
curl: siglongjmp race condition may lead to crash |
libcurl4 |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2023-28322 |
curl: more POST-after-PUT confusion |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl4 |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
LOW |
CVE-2020-19909 |
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22898 |
TELNET stack contents disclosure |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2021-22922 |
Content not matching hash in Metalink is not being discarded |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22923 |
Metalink download sends credentials |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2021-22924 |
Bad connection reuse due to flawed path name checks |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u3 |
LOW |
CVE-2022-35252 |
curl: Incorrect handling of control code characters in cookies |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u4 |
LOW |
CVE-2023-28320 |
curl: siglongjmp race condition may lead to crash |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
|
LOW |
CVE-2023-28322 |
curl: more POST-after-PUT confusion |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u8 |
LOW |
CVE-2023-38546 |
curl: cookie injection with none file |
libcurl4-openssl-dev |
7.64.0-4+deb10u2 |
7.64.0-4+deb10u7 |
LOW |
CVE-2021-33294 |
elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial |
libelf1 |
0.176-1.1 |
|
LOW |
CVE-2024-25260 |
elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname. |
libelf1 |
0.176-1.1 |
|
LOW |
CVE-2013-0340 |
expat: internal entity expansion |
libexpat1 |
2.2.6-2+deb10u4 |
|
LOW |
CVE-2013-0340 |
expat: internal entity expansion |
libexpat1-dev |
2.2.6-2+deb10u4 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libfdisk1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libfdisk1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... |
libfreetype6 |
2.9.1-3+deb10u2 |
|
LOW |
CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... |
libfreetype6-dev |
2.9.1-3+deb10u2 |
|
LOW |
CVE-2018-6829 |
libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintex |
libgcrypt20 |
1.8.4-5+deb10u1 |
|
LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-0 |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... |
libglib2.0-0 |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-bin |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... |
libglib2.0-bin |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-data |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... |
libglib2.0-data |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-dev |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... |
libglib2.0-dev |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2020-35457 |
GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... |
libglib2.0-dev-bin |
2.58.3-2+deb10u3 |
|
LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls-dane0 |
3.6.7-4+deb10u7 |
|
LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls-openssl27 |
3.6.7-4+deb10u7 |
|
LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls28-dev |
3.6.7-4+deb10u7 |
|
LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls30 |
3.6.7-4+deb10u7 |
|
LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutlsxx28 |
3.6.7-4+deb10u7 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libgssapi-krb5-2 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libgssrpc4 |
1.17-3+deb10u3 |
|
LOW |
CVE-2017-9937 |
libtiff: memory malloc failure in tif_jbig.c could cause DOS. |
libjbig-dev |
2.1-3.1+b2 |
|
LOW |
CVE-2017-9937 |
libtiff: memory malloc failure in tif_jbig.c could cause DOS. |
libjbig0 |
2.1-3.1+b2 |
|
LOW |
CVE-2017-15232 |
libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c |
libjpeg-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2018-11813 |
"cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF |
libjpeg-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2020-17541 |
Stack-based buffer overflow in the "transform" component |
libjpeg-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2017-15232 |
libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c |
libjpeg62-turbo |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2018-11813 |
"cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF |
libjpeg62-turbo |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2020-17541 |
Stack-based buffer overflow in the "transform" component |
libjpeg62-turbo |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2017-15232 |
libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c |
libjpeg62-turbo-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2018-11813 |
"cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF |
libjpeg62-turbo-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2020-17541 |
Stack-based buffer overflow in the "transform" component |
libjpeg62-turbo-dev |
1:1.5.2-2+deb10u1 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libk5crypto3 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkadm5clnt-mit11 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkadm5srv-mit11 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkdb5-9 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5-3 |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5-dev |
1.17-3+deb10u3 |
|
LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5support0 |
1.17-3+deb10u3 |
|
LOW |
CVE-2015-3276 |
incorrect multi-keyword mode cipherstring parsing |
libldap-2.4-2 |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2017-14159 |
openldap: Privilege escalation via PID file manipulation |
libldap-2.4-2 |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2017-17740 |
openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers |
libldap-2.4-2 |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2020-15719 |
openldap: Certificate validation incorrectly matches name against CN-ID |
libldap-2.4-2 |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2015-3276 |
incorrect multi-keyword mode cipherstring parsing |
libldap-common |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2017-14159 |
openldap: Privilege escalation via PID file manipulation |
libldap-common |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2017-17740 |
openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers |
libldap-common |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2020-15719 |
openldap: Certificate validation incorrectly matches name against CN-ID |
libldap-common |
2.4.47+dfsg-3+deb10u7 |
|
LOW |
CVE-2019-17543 |
lz4: heap-based buffer overflow in LZ4_write32 |
liblz4-1 |
1.8.3-1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2005-0406 |
A design flaw in image processing software that modifies JPEG images m ... |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2008-3134 |
GraphicsMagick/ImageMagick: multiple crash or DoS issues |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2016-8678 |
ImageMagick: Heap-buffer overflow in IsPixelMonochrome |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11754 |
ImageMagick: Memory leak in WritePICONImage function |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-11755 |
ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2017-7275 |
ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2018-15607 |
ImageMagick: CPU Exhaustion via crafted input file |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-13310 |
memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2019-16709 |
ImageMagick: memory leak in coders/dps.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-25666 |
ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-25675 |
ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27560 |
ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27751 |
ImageMagick: integer overflow in MagickCore/quantum-export.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27753 |
ImageMagick: memory leaks in AcquireMagickMemory function |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27754 |
ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27755 |
ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2020-27757 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27758 |
ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27759 |
ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27761 |
ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27763 |
ImageMagick: division by zero at MagickCore/resize.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27764 |
outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27765 |
ImageMagick: division by zero at MagickCore/segment.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27767 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27768 |
ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27769 |
ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27771 |
ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27772 |
ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27773 |
ImageMagick: division by zero at MagickCore/gem-private.h |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27774 |
ImageMagick: integer overflow at MagickCore/statistic.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27775 |
ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2020-27776 |
ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-20311 |
ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-3574 |
ImageMagick: memory leaks with convert command |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW |
CVE-2021-39212 |
ImageMagick: possible read or write in postscript files |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW |
CVE-2023-34152 |
RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libmount-dev |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libmount-dev |
2.33.1-0.1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libmount1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libmount1 |
2.33.1-0.1 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses-dev |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses5-dev |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncurses6 |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncursesw5-dev |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libncursesw6 |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2017-14988 |
OpenEXR: Excessive memory allocation in Header::readfrom |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2018-18443 |
OpenEXR: Memory leak in ThreadPool in in IlmBase/IlmThread/IlmThreadPool.cpp |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2021-20304 |
OpenEXR: Undefined-shift in Imf_2_5::hufDecode |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2021-26945 |
DeepTiledInputPart> |
libopenexr-dev |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2017-14988 |
OpenEXR: Excessive memory allocation in Header::readfrom |
libopenexr23 |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2018-18443 |
OpenEXR: Memory leak in ThreadPool in in IlmBase/IlmThread/IlmThreadPool.cpp |
libopenexr23 |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2021-20304 |
OpenEXR: Undefined-shift in Imf_2_5::hufDecode |
libopenexr23 |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2021-26945 |
DeepTiledInputPart> |
libopenexr23 |
2.2.1-4.1+deb10u1 |
|
LOW |
CVE-2016-10505 |
NULL pointer dereference in imagetopnm function in convert.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-10506 |
Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9113 |
CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security i |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9114 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9115 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9116 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9117 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9580 |
Integer overflow in tiftoimage causes heap buffer overflow |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9581 |
Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2017-17479 |
openjpeg: Stack-buffer overflow in the pgxtoimage function |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-16375 |
openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-16376 |
openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-20845 |
openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-20846 |
openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-5727 |
openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-7648 |
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ... |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2019-6988 |
openjpeg: DoS via memory exhaustion in opj_decompress |
libopenjp2-7 |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-10505 |
NULL pointer dereference in imagetopnm function in convert.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-10506 |
Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9113 |
CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security i |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9114 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9115 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9116 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9117 |
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multi |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9580 |
Integer overflow in tiftoimage causes heap buffer overflow |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2016-9581 |
Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2017-17479 |
openjpeg: Stack-buffer overflow in the pgxtoimage function |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-16375 |
openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-16376 |
openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-20845 |
openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-20846 |
openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-5727 |
openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2018-7648 |
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ... |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2019-6988 |
openjpeg: DoS via memory exhaustion in opj_decompress |
libopenjp2-7-dev |
2.3.0-2+deb10u2 |
|
LOW |
CVE-2017-11164 |
OP_KETRMAX feature in the match function in pcre_exec.c |
libpcre16-3 |
2:8.39-12 |
|
LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcre16-3 |
2:8.39-12 |
|
LOW |
CVE-2017-7245 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre16-3 |
2:8.39-12 |
|
LOW |
CVE-2017-7246 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre16-3 |
2:8.39-12 |
|
LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcre16-3 |
2:8.39-12 |
|
LOW |
CVE-2022-41409 |
pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop |
libpcre2-8-0 |
10.32-5 |
|
LOW |
CVE-2017-11164 |
OP_KETRMAX feature in the match function in pcre_exec.c |
libpcre3 |
2:8.39-12 |
|
LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcre3 |
2:8.39-12 |
|
LOW |
CVE-2017-7245 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre3 |
2:8.39-12 |
|
LOW |
CVE-2017-7246 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre3 |
2:8.39-12 |
|
LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcre3 |
2:8.39-12 |
|
LOW |
CVE-2017-11164 |
OP_KETRMAX feature in the match function in pcre_exec.c |
libpcre3-dev |
2:8.39-12 |
|
LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcre3-dev |
2:8.39-12 |
|
LOW |
CVE-2017-7245 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre3-dev |
2:8.39-12 |
|
LOW |
CVE-2017-7246 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre3-dev |
2:8.39-12 |
|
LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcre3-dev |
2:8.39-12 |
|
LOW |
CVE-2017-11164 |
OP_KETRMAX feature in the match function in pcre_exec.c |
libpcre32-3 |
2:8.39-12 |
|
LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcre32-3 |
2:8.39-12 |
|
LOW |
CVE-2017-7245 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre32-3 |
2:8.39-12 |
|
LOW |
CVE-2017-7246 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcre32-3 |
2:8.39-12 |
|
LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcre32-3 |
2:8.39-12 |
|
LOW |
CVE-2017-11164 |
OP_KETRMAX feature in the match function in pcre_exec.c |
libpcrecpp0v5 |
2:8.39-12 |
|
LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcrecpp0v5 |
2:8.39-12 |
|
LOW |
CVE-2017-7245 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcrecpp0v5 |
2:8.39-12 |
|
LOW |
CVE-2017-7246 |
stack-based buffer overflow write in pcre32_copy_substring |
libpcrecpp0v5 |
2:8.39-12 |
|
LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcrecpp0v5 |
2:8.39-12 |
|
LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
libperl5.28 |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
libperl5.28 |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-37769 |
stress-test master commit e4c878 was discovered to contain a FPE vulne ... |
libpixman-1-0 |
0.36.0-1 |
|
LOW |
CVE-2023-37769 |
stress-test master commit e4c878 was discovered to contain a FPE vulne ... |
libpixman-1-dev |
0.36.0-1 |
|
LOW |
CVE-2018-14048 |
png_free_data function causing denial of service |
libpng-dev |
1.6.36-6 |
|
LOW |
CVE-2018-14550 |
libpng: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() potentially leading to |
libpng-dev |
1.6.36-6 |
|
LOW |
CVE-2019-6129 |
libpng: memory leak of png_info struct in pngcp.c |
libpng-dev |
1.6.36-6 |
|
LOW |
CVE-2021-4214 |
libpng: hardcoded value leads to heap-overflow |
libpng-dev |
1.6.36-6 |
|
LOW |
CVE-2018-14048 |
png_free_data function causing denial of service |
libpng16-16 |
1.6.36-6 |
|
LOW |
CVE-2018-14550 |
libpng: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() potentially leading to |
libpng16-16 |
1.6.36-6 |
|
LOW |
CVE-2019-6129 |
libpng: memory leak of png_info struct in pngcp.c |
libpng16-16 |
1.6.36-6 |
|
LOW |
CVE-2021-4214 |
libpng: hardcoded value leads to heap-overflow |
libpng16-16 |
1.6.36-6 |
|
LOW |
CVE-2023-4016 |
procps: ps buffer overflow |
libprocps7 |
2:3.3.15-2 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
libpython-stdlib |
2.7.16-1 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
libpython2-stdlib |
2.7.16-1 |
|
LOW |
CVE-2013-7040 |
python: hash secret can be recovered remotely |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2013-7040 |
python: hash secret can be recovered remotely |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython2.7-stdlib |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
libpython3.7-stdlib |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-9893 |
libseccomp: incorrect generation of syscall filters in libseccomp |
libseccomp2 |
2.3.3-4 |
|
LOW |
CVE-2021-36084 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1 |
2.8-1 |
|
LOW |
CVE-2021-36085 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1 |
2.8-1 |
|
LOW |
CVE-2021-36086 |
use-after-free in cil_reset_classpermission() |
libsepol1 |
2.8-1 |
|
LOW |
CVE-2021-36087 |
libsepol: heap-based buffer overflow in ebitmap_match_any() |
libsepol1 |
2.8-1 |
|
LOW |
CVE-2021-36084 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1-dev |
2.8-1 |
|
LOW |
CVE-2021-36085 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1-dev |
2.8-1 |
|
LOW |
CVE-2021-36086 |
use-after-free in cil_reset_classpermission() |
libsepol1-dev |
2.8-1 |
|
LOW |
CVE-2021-36087 |
libsepol: heap-based buffer overflow in ebitmap_match_any() |
libsepol1-dev |
2.8-1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libsmartcols1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libsmartcols1 |
2.33.1-0.1 |
|
LOW |
CVE-2019-19244 |
sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2020-11656 |
sqlite: use-after-free in the ALTER TABLE implementation |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2021-36690 |
A segmentation fault can occur in the sqlite3.exe command-line compone ... |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2021-45346 |
sqlite: crafted SQL query allows a malicious user to obtain sensitive information |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2022-35737 |
sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API |
libsqlite3-0 |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2019-19244 |
sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2020-11656 |
sqlite: use-after-free in the ALTER TABLE implementation |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2021-36690 |
A segmentation fault can occur in the sqlite3.exe command-line compone ... |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2021-45346 |
sqlite: crafted SQL query allows a malicious user to obtain sensitive information |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2022-35737 |
sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API |
libsqlite3-dev |
3.27.2-3+deb10u1 |
|
LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
libssl-dev |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
libssl-dev |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
libssl1.1 |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
libssl1.1 |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2013-4392 |
TOCTOU race condition when updating file permissions and SELinux security contexts |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2019-20386 |
systemd: memory leak in button_open() in login/logind-button.c when udev events are received |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2020-13529 |
systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31437 |
An issue was discovered in systemd 253. An attacker can modify a seale ... |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31438 |
An issue was discovered in systemd 253. An attacker can truncate a sea ... |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31439 |
An issue was discovered in systemd 253. An attacker can modify the con ... |
libsystemd0 |
241-7~deb10u8 |
|
LOW |
CVE-2018-1000654 |
libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion |
libtasn1-6 |
4.13-3 |
|
LOW |
CVE-2018-1000654 |
libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion |
libtasn1-6-dev |
4.13-3 |
|
LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35521 |
libtiff: Memory allocation failure in tiff2rgba |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35522 |
libtiff: Memory allocation failure in tiff2rgba |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1056 |
libtiff: heap-based buffer overflow in _TIFFmemcpy() in tif_unix.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2519 |
Double free or corruption in rotateImage() function at tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2520 |
Assertion fail in rotateImage() function at tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2521 |
Invalid pointer free operation in TIFFClose() at tif_close.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2953 |
libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-30775 |
libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiff-dev |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35521 |
libtiff: Memory allocation failure in tiff2rgba |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35522 |
libtiff: Memory allocation failure in tiff2rgba |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1056 |
libtiff: heap-based buffer overflow in _TIFFmemcpy() in tif_unix.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2519 |
Double free or corruption in rotateImage() function at tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2520 |
Assertion fail in rotateImage() function at tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2521 |
Invalid pointer free operation in TIFFClose() at tif_close.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2953 |
libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-30775 |
libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiff5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-16232 |
libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-17973 |
libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-5563 |
libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2017-9117 |
libtiff: Heap-based buffer over-read in bmp2tiff |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2018-10126 |
libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35521 |
libtiff: Memory allocation failure in tiff2rgba |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2020-35522 |
libtiff: Memory allocation failure in tiff2rgba |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1056 |
libtiff: heap-based buffer overflow in _TIFFmemcpy() in tif_unix.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-1210 |
tiff: Malicious file leads to a denial of service in TIFF File Handler |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2519 |
Double free or corruption in rotateImage() function at tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2520 |
Assertion fail in rotateImage() function at tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2521 |
Invalid pointer free operation in TIFFClose() at tif_close.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2022-2953 |
libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-1916 |
libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-30775 |
libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-3164 |
libtiff: heap-buffer-overflow in extractImageSection() |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-6228 |
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c |
libtiffxx5 |
4.1.0+git191117-2~deb10u4 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
libtinfo6 |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2013-4392 |
TOCTOU race condition when updating file permissions and SELinux security contexts |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2019-20386 |
systemd: memory leak in button_open() in login/logind-button.c when udev events are received |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2020-13529 |
systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31437 |
An issue was discovered in systemd 253. An attacker can modify a seale ... |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31438 |
An issue was discovered in systemd 253. An attacker can truncate a sea ... |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2023-31439 |
An issue was discovered in systemd 253. An attacker can modify the con ... |
libudev1 |
241-7~deb10u8 |
|
LOW |
CVE-2019-18934 |
unbound: command injection with data coming from a specially crafted IPSECKEY answer |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25031 |
unbound: configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25032 |
unbound: integer overflow in the regional allocator via regional_alloc |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25033 |
unbound: integer overflow in the regional allocator via the ALIGN_UP macro |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25034 |
unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25035 |
unbound: out-of-bounds write in sldns_bget_token_par |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25036 |
unbound: assertion failure and denial of service in synth_cname |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25037 |
unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25038 |
unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25039 |
unbound: integer overflow in a size calculation in respip/respip.c |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25040 |
unbound: infinite loop via a compressed name in dname_pkt_copy |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25041 |
unbound: assertion failure via a compressed name in dname_pkt_copy |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2019-25042 |
unbound: out-of-bounds write via a compressed name in rdata_copy |
libunbound8 |
1.9.0-2+deb10u2 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
libuuid1 |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libuuid1 |
2.33.1-0.1 |
|
LOW |
CVE-2007-3476 |
libgd Denial of service by corrupted GIF images |
libwmf-dev |
0.2.8.4-14 |
|
LOW |
CVE-2007-3477 |
gd: arc drawing functions can consume large amount of CPU time |
libwmf-dev |
0.2.8.4-14 |
|
LOW |
CVE-2007-3996 |
php multiple integer overflows in gd |
libwmf-dev |
0.2.8.4-14 |
|
LOW |
CVE-2009-3546 |
gd: insufficient input validation in _gdGetColors() |
libwmf-dev |
0.2.8.4-14 |
|
LOW |
TEMP-0601525-BEBB65 |
[libgd2: gdImageColorTransparent can write outside buffer] |
libwmf-dev |
0.2.8.4-14 |
|
LOW |
CVE-2007-3476 |
libgd Denial of service by corrupted GIF images |
libwmf0.2-7 |
0.2.8.4-14 |
|
LOW |
CVE-2007-3477 |
gd: arc drawing functions can consume large amount of CPU time |
libwmf0.2-7 |
0.2.8.4-14 |
|
LOW |
CVE-2007-3996 |
php multiple integer overflows in gd |
libwmf0.2-7 |
0.2.8.4-14 |
|
LOW |
CVE-2009-3546 |
gd: insufficient input validation in _gdGetColors() |
libwmf0.2-7 |
0.2.8.4-14 |
|
LOW |
TEMP-0601525-BEBB65 |
[libgd2: gdImageColorTransparent can write outside buffer] |
libwmf0.2-7 |
0.2.8.4-14 |
|
LOW |
CVE-2015-9019 |
libxslt: math.random() in xslt uses unseeded randomness |
libxslt1-dev |
1.1.32-2.2~deb10u1 |
|
LOW |
CVE-2015-9019 |
libxslt: math.random() in xslt uses unseeded randomness |
libxslt1.1 |
1.1.32-2.2~deb10u1 |
|
LOW |
CVE-2012-2663 |
iptables: --syn flag bypass |
libxtables12 |
1.8.2-4 |
|
LOW |
CVE-2019-11360 |
iptables: buffer overflow in iptables-restore |
libxtables12 |
1.8.2-4 |
|
LOW |
CVE-2004-0230 |
TCP, when using a large Window Size, makes it easier for remote attack ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2005-3660 |
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2007-3719 |
kernel: secretly Monopolizing the CPU Without Superuser Privileges |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2008-2544 |
kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount i |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2008-4609 |
kernel: TCP protocol vulnerabilities from Outpost24 |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2010-4563 |
kernel: ipv6: sniffer detection |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2010-5321 |
kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2011-4915 |
fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2011-4916 |
Linux kernel through 3.1 allows local users to obtain sensitive keystr ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2011-4917 |
In the Linux kernel through 3.1 there is an information disclosure iss ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2012-4542 |
default SCSI command filter does not accomodate commands overlap across device classes |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2014-9892 |
The snd_compr_tstamp function in sound/core/compress_offload.c in the ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2014-9900 |
kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2015-2877 |
Kernel: Cross-VM ASL INtrospection (CAIN) |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2016-10723 |
An issue was discovered in the Linux kernel through 4.17.2. Since the ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2016-8660 |
kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2017-0630 |
kernel: Information disclosure vulnerability in kernel trace subsystem |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2017-13693 |
kernel: ACPI operand cache leak in dsutils.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2017-13694 |
kernel: ACPI node and node_ext cache leak |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2018-1121 |
procps-ng, procps: process hiding through race condition enumerating /proc |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2018-12928 |
kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2018-17977 |
kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP pack |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-11191 |
kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out progr |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12378 |
kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12379 |
kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12380 |
memory allocation failure in the efi subsystem leads to denial of service |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12381 |
kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12382 |
unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12455 |
null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing denial of |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12456 |
kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl. |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-12615 |
kernel: null pointer dereference in get_vdev_port_node_info in arch /sparc/kernel/mdesc.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16229 |
null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16230 |
null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16231 |
null-pointer dereference in drivers/net/fjes/fjes_main.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16232 |
null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16233 |
null pointer dereference in drivers/scsi/qla2xxx/qla_os.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-16234 |
null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-19064 |
kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-19070 |
kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-19083 |
kernel: memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc leads |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-19378 |
out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2019-25162 |
kernel: use after free in i2c |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
LOW |
CVE-2020-11725 |
kernel: improper handling of private_size*count multiplication due to count=info->owner typo |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2020-27820 |
use-after-free in nouveau kernel module |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2020-35501 |
kernel: audit not logging access to syscall open_by_handle_at for users with CAP_DAC_READ_SEARCH cap |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2021-0929 |
kernel: use-after-free in ion_dma_buf_end_cpu_access and related functions in ion.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2021-26934 |
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2021-32078 |
kernel: out-of-bounds read in arch/arm/mach-footbridge/personal-pci.c due to improper input validati |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2021-3714 |
kernel: Remote Page Deduplication Attacks |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-0400 |
Out of bounds read in the smc protocol stack |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-1247 |
A race condition bug in rose_connect() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-25265 |
kernel: Executable Space Protection Bypass |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-2961 |
race condition in rose_bind() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-2991 |
kernel: heap-based overflow in LightNVM Subsystem may lead to privilege escalation |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
LOW |
CVE-2022-32296 |
kernel: insufficient TCP source port randomness leads to client identification |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
LOW |
CVE-2022-32981 |
kernel: Linux kernel for powerpc 32-bit buffer overflow in ptrace PEEKUSER/POKEUSER |
linux-libc-dev |
4.19.235-1 |
4.19.249-1 |
LOW |
CVE-2022-33981 |
use-after-free in floppy driver may lead to a DoS |
linux-libc-dev |
4.19.235-1 |
4.19.249-2 |
LOW |
CVE-2022-3521 |
kernel: race condition in kcm_tx_work() in net/kcm/kcmsock.c |
linux-libc-dev |
4.19.235-1 |
4.19.269-1 |
LOW |
CVE-2022-3629 |
kernel: memory leak in the function vsock_connect of Virtual Socket Protocol |
linux-libc-dev |
4.19.235-1 |
4.19.260-1 |
LOW |
CVE-2022-41848 |
Race condition between mgslpc_ioctl and mgslpc_detach |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-44032 |
Race between cmm_open() and cm4000_detach() result in UAF |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-44033 |
A race condition between cm4040_open() and reader_detach() may result in UAF |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-44034 |
A use-after-free due to race between scr24x_open() and scr24x_remove() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-45884 |
kernel: use-after-free due to race condition occurring in dvb_register_device() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-45885 |
kernel: use-after-free due to race condition occurring in dvb_frontend.c |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2022-45886 |
kernel: use-after-free due to race condition occurring in dvb_net.c |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
LOW |
CVE-2022-45887 |
kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
LOW |
CVE-2022-45919 |
kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c |
linux-libc-dev |
4.19.235-1 |
4.19.289-1 |
LOW |
CVE-2023-1513 |
kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems |
linux-libc-dev |
4.19.235-1 |
4.19.282-1 |
LOW |
CVE-2023-23000 |
kernel: incorrect return value for the error case in the tegra_xusb_find_port_node |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-23003 |
kernel: missing check for return value of hashmap__new() in the function expr__ctx_new |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-23039 |
kernel: tty: vcc: race condition leading to use-after-free in vcc_open() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-26242 |
afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the ... |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-31085 |
kernel: divide-by-zero error in ctrl_cdev_ioctl when do_div happens and erasesize is 0 |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-4134 |
use-after-free in cyttsp4_watchdog_work() |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-52445 |
kernel: pvrusb2: fix use after free on context disconnection |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-52474 |
kernel: non-PAGE_SIZE-end multi-iovec user SDMA requests |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2023-6610 |
kernel: OOB Access in smb2_dump_detail |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2024-26606 |
kernel: signal epoll threads of self-work |
linux-libc-dev |
4.19.235-1 |
|
LOW |
TEMP-0000000-F7A20F |
[Kernel: Unprivileged user can freeze journald] |
linux-libc-dev |
4.19.235-1 |
|
LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
login |
1:4.5-1.1 |
|
LOW |
CVE-2013-4235 |
shadow-utils: TOCTOU race conditions by copying and removing directory trees |
login |
1:4.5-1.1 |
|
LOW |
CVE-2018-7169 |
shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p |
login |
1:4.5-1.1 |
|
LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
login |
1:4.5-1.1 |
|
LOW |
CVE-2023-29383 |
Improper input validation in shadow-utils package utility chfn |
login |
1:4.5-1.1 |
|
LOW |
TEMP-0628843-DBAD28 |
[more related to CVE-2005-4890] |
login |
1:4.5-1.1 |
|
LOW |
CVE-2008-1687 |
m4: unquoted output of maketemp and mkstemp |
m4 |
1.4.18-2 |
|
LOW |
CVE-2008-1688 |
m4: code execution via -F argument |
m4 |
1.4.18-2 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
mount |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
mount |
2.33.1-0.1 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
ncurses-base |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2023-45918 |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ... |
ncurses-bin |
6.1+20181013-2+deb10u2 |
|
LOW |
CVE-2007-2243 |
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2007-2768 |
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2008-3234 |
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2016-20012 |
openssh: Public key information leak |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2018-15919 |
User enumeration via malformed packets in authentication requests |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2019-16905 |
openssh: an integer overflow in the private key parsing code for the XMSS key type |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2019-6110 |
openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2020-12062 |
scp can send duplicate responses to the server upon a utimes system call failure leading to overwrit |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2020-14145 |
openssh: Observable discrepancy leading to an information leak in the algorithm negotiation |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2020-15778 |
openssh: scp allows command injection when using backtick characters in the destination argument |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2021-36368 |
openssh: possible bypass of fido 2 devices and ssh-askpass |
openssh-client |
1:7.9p1-10+deb10u2 |
|
LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
openssl |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
openssl |
1.1.1n-0+deb10u2 |
|
LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
passwd |
1:4.5-1.1 |
|
LOW |
CVE-2013-4235 |
shadow-utils: TOCTOU race conditions by copying and removing directory trees |
passwd |
1:4.5-1.1 |
|
LOW |
CVE-2018-7169 |
shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p |
passwd |
1:4.5-1.1 |
|
LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
passwd |
1:4.5-1.1 |
|
LOW |
CVE-2023-29383 |
Improper input validation in shadow-utils package utility chfn |
passwd |
1:4.5-1.1 |
|
LOW |
TEMP-0628843-DBAD28 |
[more related to CVE-2005-4890] |
passwd |
1:4.5-1.1 |
|
LOW |
CVE-2010-4651 |
patch: directory traversal flaw allows for arbitrary file creation |
patch |
2.7.6-3+deb10u1 |
|
LOW |
CVE-2018-6951 |
patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash |
patch |
2.7.6-3+deb10u1 |
|
LOW |
CVE-2018-6952 |
patch: Double free of memory in pch.c:another_hunk() causes a crash |
patch |
2.7.6-3+deb10u1 |
|
LOW |
CVE-2021-45261 |
Invalid Pointer via another_hunk function |
patch |
2.7.6-3+deb10u1 |
|
LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-base |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl-base |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-modules-5.28 |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-31486 |
http-tiny: insecure TLS cert default |
perl-modules-5.28 |
5.28.1-6+deb10u1 |
|
LOW |
CVE-2023-4016 |
procps: ps buffer overflow |
procps |
2:3.3.15-2 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
python |
2.7.16-1 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
python-minimal |
2.7.16-1 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
python2 |
2.7.16-1 |
|
LOW |
CVE-2008-4108 |
python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) |
python2-minimal |
2.7.16-1 |
|
LOW |
CVE-2013-7040 |
python: hash secret can be recovered remotely |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python2.7 |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2013-7040 |
python: hash secret can be recovered remotely |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python2.7-minimal |
2.7.16-2+deb10u1 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python3.7 |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2017-17522 |
python: Command injection in Lib/webbrowser.py |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2019-9674 |
Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2020-27619 |
python: Unsafe use of eval() on data retrieved via HTTP in the test suite |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2021-28861 |
python: open redirection vulnerability in lib/http/server.py may lead to information disclosure |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
CVE-2023-24535 |
panic when parsing an incomplete number |
python3.7-minimal |
3.7.3-2+deb10u3 |
|
LOW |
TEMP-0517018-A83CE6 |
[sysvinit: no-root option in expert installer exposes locally exploitable security flaw] |
sysvinit-utils |
2.93-8 |
|
LOW |
CVE-2005-2541 |
tar: does not properly warn the user when extracting setuid or setgid files |
tar |
1.30+dfsg-6 |
|
LOW |
CVE-2019-9923 |
tar: null-pointer dereference in pax_decode_header in sparse.c |
tar |
1.30+dfsg-6 |
|
LOW |
CVE-2021-20193 |
tar: Memory leak in read_header() in list.c |
tar |
1.30+dfsg-6 |
|
LOW |
CVE-2022-48303 |
heap buffer overflow at from_header() in list.c via specially crafted checksum |
tar |
1.30+dfsg-6 |
|
LOW |
CVE-2023-39804 |
tar: Incorrectly handled extension attributes in PAX archives can lead to a crash |
tar |
1.30+dfsg-6 |
|
LOW |
TEMP-0290435-0B57B5 |
[tar's rmt command may have undesired side effects] |
tar |
1.30+dfsg-6 |
|
LOW |
CVE-2021-4217 |
unzip: Null pointer dereference in Unicode strings code |
unzip |
6.0-23+deb10u2 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
util-linux |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
util-linux |
2.33.1-0.1 |
|
LOW |
CVE-2021-37600 |
util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils |
uuid-dev |
2.33.1-0.1 |
|
LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
uuid-dev |
2.33.1-0.1 |
|
UNKNOWN |
DLA-3112-1 |
bzip2 - bugfix update |
bzip2 |
1.0.6-9.2~deb10u1 |
1.0.6-9.2~deb10u2 |
UNKNOWN |
DLA-3482-1 |
debian-archive-keyring - security update |
debian-archive-keyring |
2019.1+deb10u1 |
2019.1+deb10u2 |
UNKNOWN |
DLA-3239-2 |
git - regression update |
git |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u6 |
UNKNOWN |
DLA-3239-2 |
git - regression update |
git-man |
1:2.20.1-2+deb10u3 |
1:2.20.1-2+deb10u6 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
imagemagick |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
imagemagick-6-common |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
imagemagick-6.q16 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3112-1 |
bzip2 - bugfix update |
libbz2-1.0 |
1.0.6-9.2~deb10u1 |
1.0.6-9.2~deb10u2 |
UNKNOWN |
DLA-3112-1 |
bzip2 - bugfix update |
libbz2-dev |
1.0.6-9.2~deb10u1 |
1.0.6-9.2~deb10u2 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-6-arch-config |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-6.q16-6-extra |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickcore-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickwand-6-headers |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickwand-6.q16-6 |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickwand-6.q16-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3357-2 |
imagemagick - regression update |
libmagickwand-dev |
8:6.9.10.23+dfsg-2.1+deb10u1 |
8:6.9.10.23+dfsg-2.1+deb10u4 |
UNKNOWN |
DLA-3114-2 |
mariadb-10.3 - regression update |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u2 |
UNKNOWN |
DLA-3337-1 |
mariadb-10.3 - bugfix update |
libmariadb-dev |
1:10.3.34-0+deb10u1 |
1:10.3.38-0+deb10u1 |
UNKNOWN |
DLA-3114-2 |
mariadb-10.3 - regression update |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u2 |
UNKNOWN |
DLA-3337-1 |
mariadb-10.3 - bugfix update |
libmariadb-dev-compat |
1:10.3.34-0+deb10u1 |
1:10.3.38-0+deb10u1 |
UNKNOWN |
DLA-3114-2 |
mariadb-10.3 - regression update |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u2 |
UNKNOWN |
DLA-3337-1 |
mariadb-10.3 - bugfix update |
libmariadb3 |
1:10.3.34-0+deb10u1 |
1:10.3.38-0+deb10u1 |
UNKNOWN |
DLA-3189-1 |
postgresql-11 - bugfix update |
libpq-dev |
11.16-0+deb10u1 |
11.18-0+deb10u1 |
UNKNOWN |
DLA-3316-1 |
postgresql-11 - security update |
libpq-dev |
11.16-0+deb10u1 |
11.19-0+deb10u1 |
UNKNOWN |
DLA-3189-1 |
postgresql-11 - bugfix update |
libpq5 |
11.16-0+deb10u1 |
11.18-0+deb10u1 |
UNKNOWN |
DLA-3316-1 |
postgresql-11 - security update |
libpq5 |
11.16-0+deb10u1 |
11.19-0+deb10u1 |
UNKNOWN |
CVE-2020-36776 |
[thermal/drivers/cpufreq_cooling: Fix slab OOB issue] |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2021-46928 |
In the Linux kernel, the following vulnerability has been resolved: p ... |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2021-46941 |
[usb: dwc3: core: Do core softreset when switch mode] |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2023-52443 |
In the Linux kernel, the following vulnerability has been resolved: a ... |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2023-52444 |
In the Linux kernel, the following vulnerability has been resolved: f ... |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2024-26597 |
In the Linux kernel, the following vulnerability has been resolved: n ... |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
CVE-2024-26602 |
In the Linux kernel, the following vulnerability has been resolved: s ... |
linux-libc-dev |
4.19.235-1 |
|
UNKNOWN |
DLA-3114-2 |
mariadb-10.3 - regression update |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.36-0+deb10u2 |
UNKNOWN |
DLA-3337-1 |
mariadb-10.3 - bugfix update |
mariadb-common |
1:10.3.34-0+deb10u1 |
1:10.3.38-0+deb10u1 |
UNKNOWN |
DLA-3134-1 |
tzdata - new timezone database |
tzdata |
2021a-0+deb10u4 |
2021a-0+deb10u7 |
UNKNOWN |
DLA-3161-1 |
tzdata - new timezone database |
tzdata |
2021a-0+deb10u4 |
2021a-0+deb10u8 |
UNKNOWN |
DLA-3366-1 |
tzdata - new timezone database |
tzdata |
2021a-0+deb10u4 |
2021a-0+deb10u10 |
UNKNOWN |
DLA-3412-1 |
tzdata - new timezone database |
tzdata |
2021a-0+deb10u4 |
2021a-0+deb10u11 |
UNKNOWN |
DLA-3684-1 |
tzdata - new timezone database |
tzdata |
2021a-0+deb10u4 |
2021a-0+deb10u12 |