Filtered by vendor Debian
Subscribe
Total
8236 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-23916 | 3 Debian, Fedoraproject, Haxx | 3 Debian Linux, Fedora, Curl | 2023-03-09 | N/A | 7.5 HIGH |
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. | |||||
CVE-2021-21342 | 4 Debian, Fedoraproject, Oracle and 1 more | 12 Debian Linux, Fedora, Banking Enterprise Default Management and 9 more | 2023-03-09 | 5.8 MEDIUM | 9.1 CRITICAL |
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in a server-side forgery request. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. | |||||
CVE-2022-39348 | 2 Debian, Twistedmatrix | 2 Debian Linux, Twisted | 2023-03-07 | N/A | 5.4 MEDIUM |
Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. | |||||
CVE-2022-37032 | 2 Debian, Frrouting | 2 Debian Linux, Frrouting | 2023-03-07 | N/A | 9.1 CRITICAL |
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. | |||||
CVE-2023-23009 | 2 Debian, Libreswan | 2 Debian Linux, Libreswan | 2023-03-07 | N/A | 6.5 MEDIUM |
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length. | |||||
CVE-2022-37454 | 8 Debian, Extended Keccak Code Package Project, Fedoraproject and 5 more | 8 Debian Linux, Extended Keccak Code Package, Fedora and 5 more | 2023-03-06 | N/A | 9.8 CRITICAL |
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. | |||||
CVE-2023-24021 | 2 Debian, Trustwave | 2 Debian Linux, Modsecurity | 2023-03-06 | N/A | 7.5 HIGH |
Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection. | |||||
CVE-2023-27372 | 2 Debian, Spip | 2 Debian Linux, Spip | 2023-03-06 | N/A | 9.8 CRITICAL |
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | |||||
CVE-2019-14372 | 2 Debian, Libav | 2 Debian Linux, Libav | 2023-03-06 | 4.3 MEDIUM | 6.5 MEDIUM |
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. | |||||
CVE-2020-24588 | 8 Arista, Cisco, Debian and 5 more | 350 C-100, C-100 Firmware, C-110 and 347 more | 2023-03-03 | 2.9 LOW | 3.5 LOW |
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. | |||||
CVE-2018-20177 | 3 Debian, Opensuse, Rdesktop | 4 Debian Linux, Backports, Leap and 1 more | 2023-03-03 | 7.5 HIGH | 9.8 CRITICAL |
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. | |||||
CVE-2019-11884 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2023-03-03 | 2.1 LOW | 3.3 LOW |
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | |||||
CVE-2019-11459 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2023-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. | |||||
CVE-2018-25047 | 2 Debian, Smarty | 2 Debian Linux, Smarty | 2023-03-03 | N/A | 5.4 MEDIUM |
In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user. | |||||
CVE-2019-13616 | 6 Canonical, Debian, Fedoraproject and 3 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2023-03-03 | 5.8 MEDIUM | 8.1 HIGH |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | |||||
CVE-2019-15098 | 5 Canonical, Debian, Linux and 2 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2023-03-03 | 4.9 MEDIUM | 4.6 MEDIUM |
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |||||
CVE-2018-8781 | 4 Canonical, Debian, Linux and 1 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2023-03-03 | 7.2 HIGH | 7.8 HIGH |
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. | |||||
CVE-2019-14380 | 2 Debian, Openmpt | 2 Debian Linux, Libopenmpt | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. | |||||
CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2023-03-03 | 7.2 HIGH | N/A |
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | |||||
CVE-2005-1796 | 3 Debian, Ettercap, Gnu | 3 Debian Linux, Ettercap, Ncurses | 2023-03-03 | 7.5 HIGH | N/A |
Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code. |