Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Debian Linux
Total 6549 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27842 5 Debian, Fedoraproject, Oracle and 2 more 11 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 8 more 2022-06-14 4.3 MEDIUM 5.5 MEDIUM
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
CVE-2019-9971 2 3cx, Debian 3 Phone System, Phone System Firmware, Debian Linux 2022-06-14 9.0 HIGH 8.8 HIGH
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when used in conjunction with sudo.
CVE-2019-9972 2 3cx, Debian 3 Phone System, Phone System Firmware, Debian Linux 2022-06-14 9.0 HIGH 8.8 HIGH
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shift><enter>" mishandling.
CVE-2021-39275 5 Apache, Debian, Fedoraproject and 2 more 7 Http Server, Debian Linux, Fedora and 4 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2022-23990 5 Debian, Fedoraproject, Libexpat Project and 2 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2021-33910 4 Debian, Fedoraproject, Netapp and 1 more 5 Debian Linux, Fedora, Hci Management Node and 2 more 2022-06-14 4.9 MEDIUM 5.5 MEDIUM
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
CVE-2021-34798 7 Apache, Broadcom, Debian and 4 more 14 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 11 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-45960 4 Debian, Libexpat Project, Netapp and 1 more 7 Debian Linux, Libexpat, Active Iq Unified Manager and 4 more 2022-06-14 9.0 HIGH 8.8 HIGH
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
CVE-2022-25315 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2021-22924 5 Debian, Fedoraproject, Haxx and 2 more 7 Debian Linux, Fedora, Libcurl and 4 more 2022-06-14 4.3 MEDIUM 3.7 LOW
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.
CVE-2022-25236 3 Debian, Libexpat Project, Oracle 4 Debian Linux, Libexpat, Http Server and 1 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVE-2021-41103 3 Debian, Fedoraproject, Linuxfoundation 3 Debian Linux, Fedora, Containerd 2022-06-14 7.2 HIGH 7.8 HIGH
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.
CVE-2021-20317 2 Debian, Linux 2 Debian Linux, Linux Kernel 2022-06-14 4.9 MEDIUM 4.4 MEDIUM
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
CVE-2021-36221 4 Debian, Fedoraproject, Golang and 1 more 4 Debian Linux, Fedora, Go and 1 more 2022-06-14 4.3 MEDIUM 5.9 MEDIUM
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
CVE-2022-25235 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-23852 5 Debian, Libexpat Project, Netapp and 2 more 6 Debian Linux, Libexpat, Clustered Data Ontap and 3 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2021-40438 6 Apache, Debian, F5 and 3 more 9 Http Server, Debian Linux, F5os and 6 more 2022-06-14 6.8 MEDIUM 9.0 CRITICAL
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2022-25313 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 4.3 MEDIUM 6.5 MEDIUM
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVE-2022-25314 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2022-0778 4 Debian, Fedoraproject, Netapp and 1 more 12 Debian Linux, Fedora, 500f and 9 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).