Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 8956 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-25032 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2024-03-21 7.5 HIGH 9.8 CRITICAL
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
CVE-2019-25031 2 Debian, Nlnetlabs 2 Debian Linux, Unbound 2024-03-21 4.3 MEDIUM 5.9 MEDIUM
Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation
CVE-2019-19039 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-03-21 1.9 LOW 5.5 MEDIUM
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.
CVE-2018-8754 2 Debian, Libevt Project 2 Debian Linux, Libevt 2024-03-21 2.1 LOW 5.5 MEDIUM
The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub
CVE-2018-7995 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-03-21 4.7 MEDIUM 4.7 MEDIUM
Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. NOTE: a third party has indicated that this report is not security relevant
CVE-2018-16585 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-03-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193)
CVE-2018-1000204 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-03-21 6.3 MEDIUM 5.3 MEDIUM
Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it "virtually impossible to exploit.
CVE-2017-17527 2 Debian, Pasdoc Project 2 Debian Linux, Pasdoc 2024-03-21 6.8 MEDIUM 8.8 HIGH
delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code referencing the BROWSER environment variable is never used
CVE-2017-17520 1 Debian 1 Tin 2024-03-21 6.8 MEDIUM 8.8 HIGH
tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs.
CVE-2017-17515 2 Debian, Ecmwf 2 Debian Linux, Metview 2024-03-21 6.8 MEDIUM 8.8 HIGH
etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this environment variable is not enabled in the shipped product
CVE-2017-17514 2 Debian, Nip2 Project 2 Debian Linux, Nip2 2024-03-21 6.8 MEDIUM 8.8 HIGH
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER environment variable
CVE-2008-5135 1 Debian 1 Os-prober 2024-03-21 6.2 MEDIUM N/A
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.
CVE-2008-4996 1 Debian 1 Initramfs-tools 2024-03-21 6.9 MEDIUM N/A
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable.
CVE-2008-4950 1 Debian 1 Dpkg-cross 2024-03-21 6.9 MEDIUM N/A
gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot.
CVE-2016-1244 2 Debian, Unadf Project 2 Debian Linux, Unadf 2024-03-15 9.3 HIGH 8.8 HIGH
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
CVE-2016-1243 2 Debian, Unadf Project 2 Debian Linux, Unadf 2024-03-15 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
CVE-2022-38751 2 Debian, Snakeyaml Project 2 Debian Linux, Snakeyaml 2024-03-15 N/A 6.5 MEDIUM
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CVE-2022-38750 2 Debian, Snakeyaml Project 2 Debian Linux, Snakeyaml 2024-03-15 N/A 5.5 MEDIUM
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CVE-2022-38749 2 Debian, Snakeyaml Project 2 Debian Linux, Snakeyaml 2024-03-15 N/A 6.5 MEDIUM
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
CVE-2022-25857 2 Debian, Snakeyaml Project 2 Debian Linux, Snakeyaml 2024-03-15 N/A 7.5 HIGH
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.