Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8866 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-1094 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-08-03 | 6.1 Medium |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | ||||
CVE-2021-1076 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-08-03 | 6.6 Medium |
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption. | ||||
CVE-2021-1056 | 3 Debian, Linux, Nvidia | 3 Debian Linux, Linux Kernel, Gpu Driver | 2024-08-03 | 7.1 High |
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | ||||
CVE-2021-1093 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-08-03 | 6.2 Medium |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. | ||||
CVE-2021-0920 | 3 Debian, Google, Redhat | 10 Debian Linux, Android, Enterprise Linux and 7 more | 2024-08-03 | 6.4 Medium |
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel | ||||
CVE-2021-0561 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Android and 1 more | 2024-08-03 | 5.5 Medium |
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 | ||||
CVE-2021-0326 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Android and 1 more | 2024-08-03 | 7.5 High |
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525 | ||||
CVE-2021-0308 | 3 Debian, Google, Redhat | 4 Debian Linux, Android, Enterprise Linux and 1 more | 2024-08-03 | 6.8 Medium |
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095. | ||||
CVE-2021-0129 | 4 Bluez, Debian, Linux and 1 more | 4 Bluez, Debian Linux, Linux Kernel and 1 more | 2024-08-03 | 5.7 Medium |
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||||
CVE-2021-0089 | 3 Debian, Fedoraproject, Intel | 12 Debian Linux, Fedora, Celeron Processors and 9 more | 2024-08-03 | 6.5 Medium |
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||||
CVE-2022-48554 | 3 Debian, File Project, Redhat | 3 Debian Linux, File, Enterprise Linux | 2024-08-03 | 5.5 Medium |
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. | ||||
CVE-2022-48566 | 3 Debian, Netapp, Python | 4 Debian Linux, Active Iq Unified Manager, Converged Systems Advisor Agent and 1 more | 2024-08-03 | 5.9 Medium |
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. | ||||
CVE-2022-48565 | 3 Debian, Python, Redhat | 3 Debian Linux, Python, Enterprise Linux | 2024-08-03 | 9.8 Critical |
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. | ||||
CVE-2022-48560 | 3 Debian, Python, Redhat | 4 Debian Linux, Python, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
A use-after-free exists in Python through 3.9 via heappushpop in heapq. | ||||
CVE-2022-48337 | 3 Debian, Gnu, Redhat | 4 Debian Linux, Emacs, Enterprise Linux and 1 more | 2024-08-03 | 9.8 Critical |
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input. | ||||
CVE-2022-48281 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-08-03 | 5.5 Medium |
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. | ||||
CVE-2022-48279 | 3 Debian, Redhat, Trustwave | 3 Debian Linux, Jboss Core Services, Modsecurity | 2024-08-03 | 7.5 High |
In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase. | ||||
CVE-2022-47655 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-08-03 | 7.8 High |
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> | ||||
CVE-2022-47950 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Swift, Openstack | 2024-08-03 | 6.5 Medium |
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed). | ||||
CVE-2022-47951 | 3 Debian, Openstack, Redhat | 5 Debian Linux, Cinder, Glance and 2 more | 2024-08-03 | 5.7 Medium |
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. |