Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 7552 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0562 4 Debian, Fedoraproject, Libtiff and 1 more 4 Debian Linux, Fedora, Libtiff and 1 more 2022-11-16 4.3 MEDIUM 5.5 MEDIUM
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.
CVE-2022-0561 5 Debian, Fedoraproject, Libtiff and 2 more 5 Debian Linux, Fedora, Libtiff and 2 more 2022-11-16 4.3 MEDIUM 5.5 MEDIUM
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
CVE-2022-22844 3 Debian, Libtiff, Netapp 3 Debian Linux, Libtiff, Ontap Select Deploy Administration Utility 2022-11-16 4.3 MEDIUM 5.5 MEDIUM
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
CVE-2021-41141 2 Debian, Teluu 2 Debian Linux, Pjsip 2022-11-16 7.8 HIGH 7.5 HIGH
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affected. Users may need to manually apply the patch.
CVE-2021-32686 2 Debian, Teluu 2 Debian Linux, Pjsip 2022-11-16 4.3 MEDIUM 5.9 MEDIUM
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connections. They cause a crash, resulting in a denial of service. These are fixed in version 2.11.1.
CVE-2022-37434 5 Apple, Debian, Fedoraproject and 2 more 20 Ipad Os, Iphone Os, Macos and 17 more 2022-11-16 N/A 9.8 CRITICAL
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
CVE-2022-29970 2 Debian, Sinatrarb 2 Debian Linux, Sinatra 2022-11-16 5.0 MEDIUM 7.5 HIGH
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
CVE-2020-26558 5 Bluetooth, Debian, Fedoraproject and 2 more 34 Bluetooth Core Specification, Debian Linux, Fedora and 31 more 2022-11-16 4.3 MEDIUM 4.2 MEDIUM
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVE-2020-27751 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2022-11-16 4.3 MEDIUM 3.3 LOW
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
CVE-2017-18926 3 Debian, Fedoraproject, Librdf 3 Debian Linux, Fedora, Raptor Rdf Syntax Library 2022-11-16 5.8 MEDIUM 7.1 HIGH
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
CVE-2020-15678 3 Debian, Mozilla, Opensuse 5 Debian Linux, Firefox, Firefox Esr and 2 more 2022-11-16 6.8 MEDIUM 8.8 HIGH
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVE-2020-15677 3 Debian, Mozilla, Opensuse 5 Debian Linux, Firefox, Firefox Esr and 2 more 2022-11-16 5.8 MEDIUM 6.1 MEDIUM
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVE-2020-15676 3 Debian, Mozilla, Opensuse 5 Debian Linux, Firefox, Firefox Esr and 2 more 2022-11-16 4.3 MEDIUM 6.1 MEDIUM
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVE-2020-25211 3 Debian, Fedoraproject, Linux 3 Debian Linux, Fedora, Linux Kernel 2022-11-16 3.6 LOW 6.0 MEDIUM
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
CVE-2020-26880 3 Debian, Fedoraproject, Sympa 3 Debian Linux, Fedora, Sympa 2022-11-16 7.2 HIGH 7.8 HIGH
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.
CVE-2020-26117 3 Debian, Opensuse, Tigervnc 3 Debian Linux, Leap, Tigervnc 2022-11-16 5.8 MEDIUM 8.1 HIGH
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
CVE-2020-15166 3 Debian, Fedoraproject, Zeromq 3 Debian Linux, Fedora, Libzmq 2022-11-16 5.0 MEDIUM 7.5 HIGH
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete successfully, and messages are delivered to the library, but the server application never receives them. This is patched in version 4.3.3.
CVE-2019-15505 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2022-11-16 10.0 HIGH 9.8 CRITICAL
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
CVE-2020-14364 6 Canonical, Debian, Fedoraproject and 3 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2022-11-16 4.4 MEDIUM 5.0 MEDIUM
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
CVE-2020-7729 3 Canonical, Debian, Gruntjs 3 Ubuntu Linux, Debian Linux, Grunt 2022-11-16 4.6 MEDIUM 7.1 HIGH
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.