Filtered by vendor Debian Subscriptions
Filtered by product Debian Linux Subscriptions
Total 8871 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-3265 4 Debian, Mariadb, Oracle and 1 more 11 Debian Linux, Mariadb, Mysql and 8 more 2024-10-09 5.6 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).
CVE-2023-39534 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2024-10-09 7.5 High
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.
CVE-2023-39945 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2024-10-09 8.2 High
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.
CVE-2023-39948 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2024-10-09 7.5 High
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue.
CVE-2023-39949 2 Debian, Eprosima 2 Debian Linux, Fast Dds 2024-10-09 7.5 High
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.
CVE-2016-3427 8 Apache, Canonical, Debian and 5 more 42 Cassandra, Ubuntu Linux, Debian Linux and 39 more 2024-10-09 9.8 Critical
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVE-2022-47184 2 Apache, Debian 2 Traffic Server, Debian Linux 2024-10-09 7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.
CVE-2023-27932 3 Apple, Debian, Redhat 8 Ipados, Iphone Os, Macos and 5 more 2024-10-09 5.5 Medium
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy.
CVE-2017-3291 4 Debian, Mariadb, Oracle and 1 more 11 Debian Linux, Mariadb, Mysql and 8 more 2024-10-08 6.3 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).
CVE-2023-1820 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 8.8 High
Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1815 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 8.8 High
Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2017-3312 4 Debian, Mariadb, Oracle and 1 more 5 Debian Linux, Mariadb, Mysql and 2 more 2024-10-08 6.7 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).
CVE-2017-3313 5 Canonical, Debian, Mariadb and 2 more 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more 2024-10-08 4.7 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).
CVE-2017-3317 4 Debian, Mariadb, Oracle and 1 more 11 Debian Linux, Mariadb, Mysql and 8 more 2024-10-08 4.0 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).
CVE-2017-3318 4 Debian, Mariadb, Oracle and 1 more 11 Debian Linux, Mariadb, Mysql and 8 more 2024-10-08 4.0 Medium
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).
CVE-2017-3302 4 Debian, Mariadb, Oracle and 1 more 10 Debian Linux, Mariadb, Mysql and 7 more 2024-10-08 N/A
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2023-1821 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 6.5 Medium
Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1819 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 6.5 Medium
Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1812 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 8.8 High
Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1811 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-08 8.8 High
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)