Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8866 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-32436 | 3 Abcm2ps Project, Debian, Fedoraproject | 3 Abcm2ps, Debian Linux, Fedora | 2024-08-03 | 6.5 Medium |
| An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | ||||
| CVE-2021-32399 | 4 Debian, Linux, Netapp and 1 more | 27 Debian Linux, Linux Kernel, Cloud Backup and 24 more | 2024-08-03 | 7.0 High |
| net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||||
| CVE-2021-32278 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 7.8 High |
| An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32272 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 7.8 High |
| An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution. | ||||
| CVE-2021-32280 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-08-03 | 5.5 Medium |
| An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. | ||||
| CVE-2021-32273 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 7.8 High |
| An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution. | ||||
| CVE-2021-32276 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 5.5 Medium |
| An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service. | ||||
| CVE-2021-32274 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 7.8 High |
| An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-32277 | 2 Debian, Faad2 Project | 2 Debian Linux, Faad2 | 2024-08-03 | 7.8 High |
| An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution. | ||||
| CVE-2021-31872 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-08-03 | 9.8 Critical |
| An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact. | ||||
| CVE-2021-31916 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-08-03 | 6.7 Medium |
| An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-31866 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2024-08-03 | 5.3 Medium |
| Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController. | ||||
| CVE-2021-31863 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2024-08-03 | 7.5 High |
| Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process. | ||||
| CVE-2021-31870 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-08-03 | 9.8 Critical |
| An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow. | ||||
| CVE-2021-31871 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-08-03 | 7.5 High |
| An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems. | ||||
| CVE-2021-31829 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
| kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel. | ||||
| CVE-2021-31810 | 5 Debian, Fedoraproject, Oracle and 2 more | 8 Debian Linux, Fedora, Jd Edwards Enterpriseone Tools and 5 more | 2024-08-03 | 5.8 Medium |
| An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). | ||||
| CVE-2021-31891 | 2 Debian, Siemens | 6 Debian Linux, Desigo Cc, Gma-manager and 3 more | 2024-08-03 | 10.0 Critical |
| A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges. | ||||
| CVE-2021-31864 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2024-08-03 | 5.3 Medium |
| Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. | ||||
| CVE-2021-31873 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-08-03 | 9.8 Critical |
| An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow. | ||||