| CRITICAL |
CVE-2022-28615 |
httpd: out-of-bounds read in ap_strcmp_match() |
apache2 |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-31813 |
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism |
apache2 |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-28615 |
httpd: out-of-bounds read in ap_strcmp_match() |
apache2-bin |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-31813 |
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism |
apache2-bin |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-28615 |
httpd: out-of-bounds read in ap_strcmp_match() |
apache2-data |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-31813 |
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism |
apache2-data |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-28615 |
httpd: out-of-bounds read in ap_strcmp_match() |
apache2-utils |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2022-31813 |
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism |
apache2-utils |
2.4.53-1~deb11u1 |
|
| CRITICAL |
CVE-2021-22945 |
curl: use-after-free and double-free in MQTT sending |
curl |
7.74.0-1.3+deb11u1 |
|
| CRITICAL |
CVE-2022-1664 |
Dpkg::Source::Archive in dpkg, the Debian package management system, b ... |
dpkg |
1.20.9 |
1.20.10 |
| CRITICAL |
CVE-2022-1664 |
Dpkg::Source::Archive in dpkg, the Debian package management system, b ... |
dpkg-dev |
1.20.9 |
1.20.10 |
| CRITICAL |
CVE-2021-22945 |
curl: use-after-free and double-free in MQTT sending |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| CRITICAL |
CVE-2019-8457 |
sqlite: heap out-of-bound read in function rtreenode() |
libdb5.3 |
5.3.28+dfsg1-0.8 |
|
| CRITICAL |
CVE-2022-1664 |
Dpkg::Source::Archive in dpkg, the Debian package management system, b ... |
libdpkg-perl |
1.20.9 |
1.20.10 |
| CRITICAL |
CVE-2022-27404 |
FreeType: Buffer Overflow |
libfreetype6 |
2.10.4+dfsg-1 |
|
| CRITICAL |
CVE-2022-29155 |
openldap: OpenLDAP SQL injection |
libldap-2.4-2 |
2.4.57+dfsg-3 |
2.4.57+dfsg-3+deb11u1 |
| CRITICAL |
CVE-2022-1586 |
pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c |
libpcre2-8-0 |
10.36-2 |
|
| CRITICAL |
CVE-2022-1587 |
pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c |
libpcre2-8-0 |
10.36-2 |
|
| CRITICAL |
CVE-2022-1292 |
openssl: c_rehash script allows command injection |
libssl1.1 |
1.1.1n-0+deb11u1 |
1.1.1n-0+deb11u2 |
| CRITICAL |
CVE-2022-1292 |
openssl: c_rehash script allows command injection |
openssl |
1.1.1n-0+deb11u1 |
1.1.1n-0+deb11u2 |
| HIGH |
CVE-2022-26377 |
httpd: mod_proxy_ajp: Possible request smuggling |
apache2 |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-29404 |
httpd: mod_lua: DoS in r:parsebody |
apache2 |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30522 |
httpd: mod_sed: DoS vulnerability |
apache2 |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30556 |
httpd: mod_lua: Information disclosure with websockets |
apache2 |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-26377 |
httpd: mod_proxy_ajp: Possible request smuggling |
apache2-bin |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-29404 |
httpd: mod_lua: DoS in r:parsebody |
apache2-bin |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30522 |
httpd: mod_sed: DoS vulnerability |
apache2-bin |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30556 |
httpd: mod_lua: Information disclosure with websockets |
apache2-bin |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-26377 |
httpd: mod_proxy_ajp: Possible request smuggling |
apache2-data |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-29404 |
httpd: mod_lua: DoS in r:parsebody |
apache2-data |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30522 |
httpd: mod_sed: DoS vulnerability |
apache2-data |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30556 |
httpd: mod_lua: Information disclosure with websockets |
apache2-data |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-26377 |
httpd: mod_proxy_ajp: Possible request smuggling |
apache2-utils |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-29404 |
httpd: mod_lua: DoS in r:parsebody |
apache2-utils |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30522 |
httpd: mod_sed: DoS vulnerability |
apache2-utils |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2022-30556 |
httpd: mod_lua: Information disclosure with websockets |
apache2-utils |
2.4.53-1~deb11u1 |
|
| HIGH |
CVE-2021-22946 |
curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
curl |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
curl |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27775 |
curl: bad local IPv6 connection reuse |
curl |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27781 |
curl: CERTINFO never-ending busy-loop |
curl |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27782 |
curl: TLS and SSH connection too eager reuse |
curl |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
e2fsprogs |
1.46.2-2 |
|
| HIGH |
CVE-2021-3999 |
glibc: Off-by-one buffer overflow/underflow in getcwd() |
libc-bin |
2.31-13+deb11u3 |
|
| HIGH |
CVE-2021-3999 |
glibc: Off-by-one buffer overflow/underflow in getcwd() |
libc-dev-bin |
2.31-13+deb11u3 |
|
| HIGH |
CVE-2021-3999 |
glibc: Off-by-one buffer overflow/underflow in getcwd() |
libc6 |
2.31-13+deb11u3 |
|
| HIGH |
CVE-2021-3999 |
glibc: Off-by-one buffer overflow/underflow in getcwd() |
libc6-dev |
2.31-13+deb11u3 |
|
| HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libcom-err2 |
1.46.2-2 |
|
| HIGH |
CVE-2021-22946 |
curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-22576 |
curl: OAUTH2 bearer bypass in connection re-use |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27775 |
curl: bad local IPv6 connection reuse |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27781 |
curl: CERTINFO never-ending busy-loop |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-27782 |
curl: TLS and SSH connection too eager reuse |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libext2fs2 |
1.46.2-2 |
|
| HIGH |
CVE-2022-27405 |
FreeType: Segementation Fault |
libfreetype6 |
2.10.4+dfsg-1 |
|
| HIGH |
CVE-2022-27406 |
Freetype: Segmentation violation |
libfreetype6 |
2.10.4+dfsg-1 |
|
| HIGH |
CVE-2021-33560 |
libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channe |
libgcrypt20 |
1.8.7-6 |
|
| HIGH |
CVE-2019-6706 |
lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service |
liblua5.3-0 |
5.3.3-1.1 |
|
| HIGH |
CVE-2022-29458 |
ncurses: segfaulting OOB read |
libncurses6 |
6.2+20201114-2 |
|
| HIGH |
CVE-2022-29458 |
ncurses: segfaulting OOB read |
libncursesw6 |
6.2+20201114-2 |
|
| HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
libperl5.32 |
5.32.1-4+deb11u2 |
|
| HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
libss2 |
1.46.2-2 |
|
| HIGH |
CVE-2022-29458 |
ncurses: segfaulting OOB read |
libtinfo6 |
6.2+20201114-2 |
|
| HIGH |
CVE-2013-7445 |
kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2019-19378 |
kernel: out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2019-19449 |
kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_ |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2019-19814 |
kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2020-12362 |
kernel: Integer overflow in Intel(R) Graphics Drivers |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2021-3847 |
kernel: low-privileged user privileges escalation |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2021-3864 |
kernel: descendant's dumpable setting with certain SUID binaries |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2021-39686 |
kernel: race condition in the Android binder driver could lead to incorrect security checks |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2021-4204 |
kernel: improper input validation may lead to privilege escalation |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-0500 |
kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileg |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-1012 |
kernel: Small table perturb size in the TCP source port generation algorithm can lead to information |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| HIGH |
CVE-2022-1247 |
kernel: A race condition bug in rose_connect() |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-1652 |
kernel: A concurrency use-after-free in bad_flp_intr |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| HIGH |
CVE-2022-1679 |
kernel: Use-After-Free in ath9k_htc_probe_device() could cause an escalation of privileges |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-1786 |
kernel: invalid-free in io_uring that can lead to LPE |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| HIGH |
CVE-2022-1882 |
kernel: Use-After-Free in free_pipe_info() could cause an escalation of privileges |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-28893 |
kernel: Use after free in SUNRPC subsystem |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| HIGH |
CVE-2022-32250 |
kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| HIGH |
CVE-2022-32981 |
kernel: Linux kernel for powerpc 32-bit buffer overflow in ptrace PEEKUSER/POKEUSER |
linux-libc-dev |
5.10.113-1 |
|
| HIGH |
CVE-2022-1304 |
e2fsprogs: out-of-bounds read/write via crafted filesystem |
logsave |
1.46.2-2 |
|
| HIGH |
CVE-2022-29458 |
ncurses: segfaulting OOB read |
ncurses-base |
6.2+20201114-2 |
|
| HIGH |
CVE-2022-29458 |
ncurses: segfaulting OOB read |
ncurses-bin |
6.2+20201114-2 |
|
| HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl |
5.32.1-4+deb11u2 |
|
| HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl-base |
5.32.1-4+deb11u2 |
|
| HIGH |
CVE-2020-16156 |
perl-CPAN: Bypass of verification of signatures in CHECKSUMS files |
perl-modules-5.32 |
5.32.1-4+deb11u2 |
|
| MEDIUM |
CVE-2022-28614 |
httpd: out-of-bounds read via ap_rwrite() |
apache2 |
2.4.53-1~deb11u1 |
|
| MEDIUM |
CVE-2022-28614 |
httpd: out-of-bounds read via ap_rwrite() |
apache2-bin |
2.4.53-1~deb11u1 |
|
| MEDIUM |
CVE-2022-28614 |
httpd: out-of-bounds read via ap_rwrite() |
apache2-data |
2.4.53-1~deb11u1 |
|
| MEDIUM |
CVE-2022-28614 |
httpd: out-of-bounds read via ap_rwrite() |
apache2-utils |
2.4.53-1~deb11u1 |
|
| MEDIUM |
CVE-2021-22947 |
curl: Server responses received before STARTTLS processed after TLS handshake |
curl |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
curl |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
curl |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2021-22947 |
curl: Server responses received before STARTTLS processed after TLS handshake |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2022-27774 |
curl: credential leak on redirect |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2022-27776 |
curl: auth/cookie leak on redirect |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| MEDIUM |
CVE-2021-4209 |
GnuTLS: Null pointer dereference in MD_UPDATE |
libgnutls30 |
3.7.1-5 |
|
| MEDIUM |
CVE-2021-46822 |
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c |
libjpeg62-turbo |
1:2.0.6-4 |
|
| MEDIUM |
CVE-2020-24370 |
lua: segmentation fault in getlocal and setlocal functions in ldebug.c |
liblua5.3-0 |
5.3.3-1.1 |
|
| MEDIUM |
CVE-2021-43519 |
lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file |
liblua5.3-0 |
5.3.3-1.1 |
|
| MEDIUM |
CVE-2021-45346 |
sqlite: crafted SQL query allows a malicious user to obtain sensitive information |
libsqlite3-0 |
3.34.1-3 |
|
| MEDIUM |
CVE-2022-2068 |
openssl: the c_rehash script allows command injection |
libssl1.1 |
1.1.1n-0+deb11u1 |
|
| MEDIUM |
CVE-2022-29824 |
libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write |
libxml2 |
2.9.10+dfsg-6.7+deb11u1 |
2.9.10+dfsg-6.7+deb11u2 |
| MEDIUM |
CVE-2019-15213 |
kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2019-15794 |
kernel: Overlayfs in the Linux kernel and shiftfs not restoring original value on error leading to |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2019-16089 |
kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2019-20794 |
kernel: task processes not being properly ended could lead to resource exhaustion |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-12363 |
kernel: Improper input validation in some Intel(R) Graphics Drivers |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-12364 |
kernel: Null pointer dereference in some Intel(R) Graphics Drivers |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-14304 |
kernel: ethtool when reading eeprom of device could lead to memory leak |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-15802 |
hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-24504 |
kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-26555 |
kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2020-36516 |
kernel: an off-path attacker may inject data or terminate a victim's TCP session |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-33061 |
kernel: insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapter |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-3669 |
kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-3714 |
kernel: Remote Page Deduplication Attacks |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-3759 |
kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-4023 |
kernel: Improper IO-uring request cancellation operation allows local users to cause a crash |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-4037 |
kernel: security regression for CVE-2018-13405 |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-4149 |
kernel: Improper lock operation in btrfs |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2021-44879 |
kernel: NULL pointer dereference in folio_mark_dirty() via a crafted f2fs image |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-0171 |
kernel: KVM: cache incoherence issue in SEV API may lead to kernel crash |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-0400 |
kernel: Out of bounds read in the smc protocol stack |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-0480 |
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-0494 |
kernel: information leak in scsi_ioctl() |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-0854 |
kernel: swiotlb information leak with DMA_FROM_DEVICE |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1184 |
kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-1280 |
kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-1462 |
kernel: possible race condition in drivers/tty/tty_buffers.c |
linux-libc-dev |
5.10.113-1 |
|
| MEDIUM |
CVE-2022-1508 |
kernel: out-of-bounds read in iov_iter_revert() in lib/iov_iter.c |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1729 |
kernel: race condition in perf_event_open leads to privilege escalation |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1789 |
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1852 |
kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1972 |
kernel: out-of-bounds write vulnerability in nftable may lead to local privilege escalation |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1974 |
kernel: use-after-free in /net/nfc/core.c causes kernel crash by simulating nfc device from user-spa |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-1975 |
kernel: sleep in atomic bug when firmware download timeout |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-2078 |
kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse() |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-21499 |
kernel: possible to use the debugger to write zero into a location of choice |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| MEDIUM |
CVE-2022-2068 |
openssl: the c_rehash script allows command injection |
openssl |
1.1.1n-0+deb11u1 |
|
| LOW |
CVE-2001-1534 |
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1307 |
|
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1580 |
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1581 |
httpd: Injection of arbitrary text into log files when DNS resolution is enabled |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-0086 |
CVE-2007-0086 affecting package httpd 2.4.46 |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-1743 |
suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-3303 |
Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2008-0456 |
httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable |
apache2 |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2001-1534 |
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1307 |
|
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1580 |
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1581 |
httpd: Injection of arbitrary text into log files when DNS resolution is enabled |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-0086 |
CVE-2007-0086 affecting package httpd 2.4.46 |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-1743 |
suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-3303 |
Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2008-0456 |
httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable |
apache2-bin |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2001-1534 |
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1307 |
|
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1580 |
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1581 |
httpd: Injection of arbitrary text into log files when DNS resolution is enabled |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-0086 |
CVE-2007-0086 affecting package httpd 2.4.46 |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-1743 |
suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-3303 |
Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2008-0456 |
httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable |
apache2-data |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2001-1534 |
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1307 |
|
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1580 |
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2003-1581 |
httpd: Injection of arbitrary text into log files when DNS resolution is enabled |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-0086 |
CVE-2007-0086 affecting package httpd 2.4.46 |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-1743 |
suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2007-3303 |
Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2008-0456 |
httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable |
apache2-utils |
2.4.53-1~deb11u1 |
|
| LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
apt |
2.2.4 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
binutils |
2.35.2-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
binutils-common |
2.35.2-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
binutils-x86-64-linux-gnu |
2.35.2-2 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
bsdutils |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2016-2781 |
coreutils: Non-privileged session can escape to the parent session in chroot |
coreutils |
8.32-4 |
|
| LOW |
CVE-2017-18018 |
coreutils: race condition vulnerability in chown and chgrp |
coreutils |
8.32-4 |
|
| LOW |
CVE-2021-22898 |
curl: TELNET stack contents disclosure |
curl |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22922 |
curl: Content not matching hash in Metalink is not being discarded |
curl |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22923 |
curl: Metalink download sends credentials |
curl |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22924 |
curl: Bad connection reuse due to flawed path name checks |
curl |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2011-3374 |
It was found that apt-key in apt, all versions, do not correctly valid ... |
libapt-pkg6.0 |
2.2.4 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
libbinutils |
2.35.2-2 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libblkid1 |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc-dev-bin |
2.31-13+deb11u3 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6 |
2.31-13+deb11u3 |
|
| LOW |
CVE-2010-4756 |
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2018-20796 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010022 |
glibc: stack guard protection bypass |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010023 |
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010024 |
glibc: ASLR bypass using cache of thread stack and heap |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-1010025 |
glibc: information disclosure of heap addresses of pthread_created thread |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2019-9192 |
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c |
libc6-dev |
2.31-13+deb11u3 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
libctf-nobfd0 |
2.35.2-2 |
|
| LOW |
CVE-2017-13716 |
binutils: Memory leak with the C++ symbol demangler routine in libiberty |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-12934 |
binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-18483 |
binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20623 |
binutils: Use-after-free in the error function |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20673 |
libiberty: Integer overflow in demangle_template() function |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-20712 |
libiberty: heap-based buffer over-read in d_expression_1 |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2018-9996 |
binutils: Stack-overflow in libiberty/cplus-dem.c causes crash |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2019-1010204 |
binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2020-35448 |
binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-20197 |
binutils: Race window allows users to own arbitrary files |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-20284 |
binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3487 |
binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3530 |
binutils: stack memory exhaustion in demangle_path() in rust-demangle.c |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-3549 |
binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-45078 |
binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-46195 |
gcc: uncontrolled recursion in libiberty/rust-demangle.c |
libctf0 |
2.35.2-2 |
|
| LOW |
CVE-2021-22898 |
curl: TELNET stack contents disclosure |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22922 |
curl: Content not matching hash in Metalink is not being discarded |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22923 |
curl: Metalink download sends credentials |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2021-22924 |
curl: Bad connection reuse due to flawed path name checks |
libcurl4 |
7.74.0-1.3+deb11u1 |
|
| LOW |
CVE-2013-0340 |
expat: internal entity expansion |
libexpat1 |
2.2.10-2+deb11u3 |
|
| LOW |
CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... |
libfreetype6 |
2.10.4+dfsg-1 |
|
| LOW |
CVE-2018-6829 |
libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintex |
libgcrypt20 |
1.8.7-6 |
|
| LOW |
CVE-2012-0039 |
glib2: hash table collisions CPU usage DoS |
libglib2.0-0 |
2.66.8-1 |
|
| LOW |
CVE-2011-3389 |
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) |
libgnutls30 |
3.7.1-5 |
|
| LOW |
CVE-2004-0971 |
security flaw |
libgssapi-krb5-2 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libgssapi-krb5-2 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2020-36325 |
jansson: out-of-bounds read in json_loads() due to a parsing error |
libjansson4 |
2.13.1-1.1 |
|
| LOW |
CVE-2004-0971 |
security flaw |
libk5crypto3 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libk5crypto3 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2004-0971 |
security flaw |
libkrb5-3 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5-3 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2004-0971 |
security flaw |
libkrb5support0 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2018-5709 |
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c |
libkrb5support0 |
1.18.3-6+deb11u1 |
|
| LOW |
CVE-2015-3276 |
openldap: incorrect multi-keyword mode cipherstring parsing |
libldap-2.4-2 |
2.4.57+dfsg-3 |
|
| LOW |
CVE-2017-14159 |
openldap: Privilege escalation via PID file manipulation |
libldap-2.4-2 |
2.4.57+dfsg-3 |
|
| LOW |
CVE-2017-17740 |
openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers |
libldap-2.4-2 |
2.4.57+dfsg-3 |
|
| LOW |
CVE-2020-15719 |
openldap: Certificate validation incorrectly matches name against CN-ID |
libldap-2.4-2 |
2.4.57+dfsg-3 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libmount1 |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncurses6 |
6.2+20201114-2 |
|
| LOW |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libncursesw6 |
6.2+20201114-2 |
|
| LOW |
CVE-2017-11164 |
pcre: OP_KETRMAX feature in the match function in pcre_exec.c |
libpcre3 |
2:8.39-13 |
|
| LOW |
CVE-2017-16231 |
pcre: self-recursive call in match() in pcre_exec.c leads to denial of service |
libpcre3 |
2:8.39-13 |
|
| LOW |
CVE-2017-7245 |
pcre: stack-based buffer overflow write in pcre32_copy_substring |
libpcre3 |
2:8.39-13 |
|
| LOW |
CVE-2017-7246 |
pcre: stack-based buffer overflow write in pcre32_copy_substring |
libpcre3 |
2:8.39-13 |
|
| LOW |
CVE-2019-20838 |
pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 |
libpcre3 |
2:8.39-13 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
libperl5.32 |
5.32.1-4+deb11u2 |
|
| LOW |
CVE-2019-6129 |
libpng: memory leak of png_info struct in pngcp.c |
libpng16-16 |
1.6.37-3 |
|
| LOW |
CVE-2021-4214 |
libpng: hardcoded value leads to heap-overflow |
libpng16-16 |
1.6.37-3 |
|
| LOW |
CVE-2021-36084 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1 |
3.1-1 |
|
| LOW |
CVE-2021-36085 |
libsepol: use-after-free in __cil_verify_classperms() |
libsepol1 |
3.1-1 |
|
| LOW |
CVE-2021-36086 |
libsepol: use-after-free in cil_reset_classpermission() |
libsepol1 |
3.1-1 |
|
| LOW |
CVE-2021-36087 |
libsepol: heap-based buffer overflow in ebitmap_match_any() |
libsepol1 |
3.1-1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libsmartcols1 |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2021-36690 |
** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ... |
libsqlite3-0 |
3.34.1-3 |
|
| LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
libssl1.1 |
1.1.1n-0+deb11u1 |
|
| LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
libssl1.1 |
1.1.1n-0+deb11u1 |
|
| LOW |
CVE-2013-4392 |
systemd: TOCTOU race condition when updating file permissions and SELinux security contexts |
libsystemd0 |
247.3-7 |
|
| LOW |
CVE-2020-13529 |
systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t |
libsystemd0 |
247.3-7 |
|
| LOW |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
libtinfo6 |
6.2+20201114-2 |
|
| LOW |
CVE-2013-4392 |
systemd: TOCTOU race condition when updating file permissions and SELinux security contexts |
libudev1 |
247.3-7 |
|
| LOW |
CVE-2020-13529 |
systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t |
libudev1 |
247.3-7 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
libuuid1 |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2016-9085 |
libwebp: Several integer overflows |
libwebp6 |
0.6.1-2.1 |
|
| LOW |
CVE-2004-0230 |
TCP, when using a large Window Size, makes it easier for remote attack ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2005-3660 |
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2007-3719 |
kernel: secretly Monopolizing the CPU Without Superuser Privileges |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2008-2544 |
kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount i |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2008-4609 |
kernel: TCP protocol vulnerabilities from Outpost24 |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2010-4563 |
kernel: ipv6: sniffer detection |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2010-5321 |
kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2011-4915 |
fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2011-4917 |
In the Linux kernel through 3.1 there is an information disclosure iss ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2012-4542 |
kernel: block: default SCSI command filter does not accomodate commands overlap across device classe |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2014-9892 |
The snd_compr_tstamp function in sound/core/compress_offload.c in the ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2014-9900 |
kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol() |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2015-2877 |
Kernel: Cross-VM ASL INtrospection (CAIN) |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2016-10723 |
** DISPUTED ** An issue was discovered in the Linux kernel through 4.1 ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2016-8660 |
kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2017-0630 |
kernel: Information disclosure vulnerability in kernel trace subsystem |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2017-13693 |
kernel: ACPI operand cache leak in dsutils.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2017-13694 |
kernel: ACPI node and node_ext cache leak |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2018-1121 |
procps-ng, procps: process hiding through race condition enumerating /proc |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2018-12928 |
kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2018-17977 |
kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP pack |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-11191 |
kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out progr |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12378 |
kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12379 |
kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12380 |
kernel: memory allocation failure in the efi subsystem leads to denial of service |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12381 |
kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12382 |
kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12455 |
kernel: null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing de |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-12456 |
kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl. |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16229 |
kernel: null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16230 |
kernel: null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16231 |
kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16232 |
kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16233 |
kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-16234 |
kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2019-19070 |
kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2020-11725 |
kernel: improper handling of private_size*count multiplication due to count=info->owner typo |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2020-35501 |
kernel: audit not logging access to syscall open_by_handle_at for users with CAP_DAC_READ_SEARCH cap |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2021-26934 |
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2021-32078 |
kernel: out-of-bounds read in arch/arm/mach-footbridge/personal-pci.c due to improper input validati |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2022-1734 |
kernel: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from u |
linux-libc-dev |
5.10.113-1 |
5.10.120-1 |
| LOW |
CVE-2022-25265 |
kernel: Executable Space Protection Bypass |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2022-32296 |
kernel: insufficient TCP source port randomness leads to client identification |
linux-libc-dev |
5.10.113-1 |
|
| LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
login |
1:4.8.1-1 |
|
| LOW |
CVE-2013-4235 |
shadow-utils: TOCTOU race conditions by copying and removing directory trees |
login |
1:4.8.1-1 |
|
| LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
login |
1:4.8.1-1 |
|
| LOW |
CVE-2008-1687 |
m4: unquoted output of maketemp and mkstemp |
m4 |
1.4.18-5 |
|
| LOW |
CVE-2008-1688 |
m4: code execution via -F argument |
m4 |
1.4.18-5 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
mount |
2.36.1-8+deb11u1 |
|
| LOW |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
ncurses-base |
6.2+20201114-2 |
|
| LOW |
CVE-2021-39537 |
ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c |
ncurses-bin |
6.2+20201114-2 |
|
| LOW |
CVE-2007-6755 |
Dual_EC_DRBG: weak pseudo random number generator |
openssl |
1.1.1n-0+deb11u1 |
|
| LOW |
CVE-2010-0928 |
openssl: RSA authentication weakness |
openssl |
1.1.1n-0+deb11u1 |
|
| LOW |
CVE-2007-5686 |
initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... |
passwd |
1:4.8.1-1 |
|
| LOW |
CVE-2013-4235 |
shadow-utils: TOCTOU race conditions by copying and removing directory trees |
passwd |
1:4.8.1-1 |
|
| LOW |
CVE-2019-19882 |
shadow-utils: local users can obtain root access because setuid programs are misconfigured |
passwd |
1:4.8.1-1 |
|
| LOW |
CVE-2010-4651 |
patch: directory traversal flaw allows for arbitrary file creation |
patch |
2.7.6-7 |
|
| LOW |
CVE-2018-6951 |
patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash |
patch |
2.7.6-7 |
|
| LOW |
CVE-2018-6952 |
patch: Double free of memory in pch.c:another_hunk() causes a crash |
patch |
2.7.6-7 |
|
| LOW |
CVE-2021-45261 |
patch: Invalid Pointer via another_hunk function |
patch |
2.7.6-7 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl |
5.32.1-4+deb11u2 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-base |
5.32.1-4+deb11u2 |
|
| LOW |
CVE-2011-4116 |
perl: File::Temp insecure temporary file handling |
perl-modules-5.32 |
5.32.1-4+deb11u2 |
|
| LOW |
CVE-2018-21232 |
re2c: uncontrolled recursion that causes stack consumption in find_fixed_tags |
re2c |
2.0.3-1 |
|
| LOW |
CVE-2022-23901 |
A stack overflow re2c 2.2 exists due to infinite recursion issues in s ... |
re2c |
2.0.3-1 |
|
| LOW |
CVE-2005-2541 |
tar: does not properly warn the user when extracting setuid or setgid files |
tar |
1.34+dfsg-1 |
|
| LOW |
CVE-2022-0563 |
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline |
util-linux |
2.36.1-8+deb11u1 |
|