Filtered by vendor Debian
Subscriptions
Total
9005 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0413 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-02 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0408 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-02 | 7.8 High |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0368 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2024-08-02 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0367 | 3 Debian, Fedoraproject, Libmodbus | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2024-08-02 | 7.8 High |
| A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | ||||
| CVE-2022-0351 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2024-08-02 | 7.8 High |
| Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0318 | 4 Apple, Debian, Redhat and 1 more | 4 Macos, Debian Linux, Enterprise Linux and 1 more | 2024-08-02 | 9.8 Critical |
| Heap-based Buffer Overflow in vim/vim prior to 8.2. | ||||
| CVE-2022-0261 | 4 Apple, Debian, Redhat and 1 more | 5 Mac Os X, Macos, Debian Linux and 2 more | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0235 | 4 Debian, Node-fetch Project, Redhat and 1 more | 14 Debian Linux, Node-fetch, Acm and 11 more | 2024-08-02 | 6.1 Medium |
| node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | ||||
| CVE-2022-0213 | 2 Debian, Vim | 2 Debian Linux, Vim | 2024-08-02 | 6.6 Medium |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2024-08-02 | 8.8 High |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | ||||
| CVE-2022-0194 | 2 Debian, Netatalk | 2 Debian Linux, Netatalk | 2024-08-02 | 9.8 Critical |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876. | ||||
| CVE-2022-0171 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-08-02 | 5.5 Medium |
| A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). | ||||
| CVE-2022-0135 | 3 Debian, Redhat, Virglrenderer Project | 3 Debian Linux, Enterprise Linux, Virglrenderer | 2024-08-02 | 7.8 High |
| An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. | ||||
| CVE-2023-51780 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | ||||
| CVE-2023-51782 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | ||||
| CVE-2023-51781 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. | ||||
| CVE-2023-51766 | 3 Debian, Exim, Fedoraproject | 4 Debian Linux, Exim, Extra Packages For Enterprise Linux and 1 more | 2024-08-02 | 5.3 Medium |
| Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. | ||||
| CVE-2023-51384 | 2 Debian, Openbsd | 2 Debian Linux, Openssh | 2024-08-02 | 5.5 Medium |
| In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys. | ||||
| CVE-2023-51385 | 3 Debian, Openbsd, Redhat | 5 Debian Linux, Openssh, Enterprise Linux and 2 more | 2024-08-02 | 6.5 Medium |
| In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. | ||||
| CVE-2023-50762 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Thunderbird, Enterprise Linux and 4 more | 2024-08-02 | 4.3 Medium |
| When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird < 115.6. | ||||