Total
8120 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-3640 | 5 Canonical, Debian, Fedoraproject and 2 more | 20 Ubuntu Linux, Debian Linux, Fedora and 17 more | 2024-02-04 | 6.9 MEDIUM | 7.0 HIGH |
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. | |||||
CVE-2021-45444 | 3 Debian, Fedoraproject, Zsh | 3 Debian Linux, Fedora, Zsh | 2024-02-04 | 5.1 MEDIUM | 7.8 HIGH |
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. | |||||
CVE-2021-4002 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-02-04 | 3.6 LOW | 4.4 MEDIUM |
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. | |||||
CVE-2022-31043 | 3 Debian, Drupal, Guzzlephp | 3 Debian Linux, Drupal, Guzzle | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Authorization` header on. This is much the same as to how we don't forward on the header if the host changes. Prior to this fix, `https` to `http` downgrades did not result in the `Authorization` header being removed, only changes to the host. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach which would be to use their own redirect middleware. Alternately users may simply disable redirects all together if redirects are not expected or required. | |||||
CVE-2022-29599 | 2 Apache, Debian | 2 Maven Shared Utils, Debian Linux | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. | |||||
CVE-2022-27114 | 2 Debian, Htmldoc Project | 2 Debian Linux, Htmldoc | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. | |||||
CVE-2021-43666 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. | |||||
CVE-2021-43303 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied | |||||
CVE-2020-28618 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfloop(). | |||||
CVE-2022-26505 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-02-04 | 4.3 MEDIUM | 7.4 HIGH |
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. | |||||
CVE-2022-1195 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. | |||||
CVE-2020-28610 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_face(). | |||||
CVE-2021-46790 | 2 Debian, Tuxera | 2 Debian Linux, Ntfs-3g | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions. | |||||
CVE-2022-27447 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. | |||||
CVE-2022-0865 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | |||||
CVE-2022-0943 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. | |||||
CVE-2022-21831 | 2 Debian, Rubyonrails | 2 Debian Linux, Active Storage | 2024-02-04 | 6.8 MEDIUM | 9.8 CRITICAL |
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. | |||||
CVE-2022-0629 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
CVE-2022-31799 | 3 Bottlepy, Debian, Fedoraproject | 3 Bottle, Debian Linux, Fedora | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Bottle before 0.12.20 mishandles errors during early request binding. | |||||
CVE-2022-1616 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution |