Filtered by vendor Debian
Subscriptions
Total
9005 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2285 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. | ||||
| CVE-2022-2304 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | ||||
| CVE-2022-2196 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-08-03 | 5.8 Medium |
| A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a | ||||
| CVE-2022-2153 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | ||||
| CVE-2022-2057 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2129 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2126 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2056 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2132 | 4 Debian, Dpdk, Fedoraproject and 1 more | 15 Debian Linux, Data Plane Development Kit, Fedora and 12 more | 2024-08-03 | 8.6 High |
| A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | ||||
| CVE-2022-2078 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-08-03 | 5.5 Medium |
| A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | ||||
| CVE-2022-2122 | 3 Debian, Gstreamer Project, Redhat | 3 Debian Linux, Gstreamer, Enterprise Linux | 2024-08-03 | 7.8 High |
| DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. | ||||
| CVE-2022-2058 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2047 | 4 Debian, Eclipse, Netapp and 1 more | 9 Debian Linux, Jetty, Element Plug-in For Vcenter Server and 6 more | 2024-08-03 | 2.7 Low |
| In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario. | ||||
| CVE-2022-2048 | 5 Debian, Eclipse, Jenkins and 2 more | 12 Debian Linux, Jetty, Jenkins and 9 more | 2024-08-03 | 7.5 High |
| In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. | ||||
| CVE-2022-2000 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1968 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1942 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1941 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Protobuf-cpp and 1 more | 2024-08-03 | 7.5 High |
| A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated. | ||||
| CVE-2022-1924 | 3 Debian, Gstreamer Project, Redhat | 3 Debian Linux, Gstreamer, Enterprise Linux | 2024-08-03 | 7.8 High |
| DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | ||||