Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-02-06 | CVE-2020-8649 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. | Debian_linux, Linux_kernel, Leap | 5.9 | ||
2020-02-05 | CVE-2020-8631 | cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | Cloud\-Init, Debian_linux, Leap | 5.5 | ||
2021-08-08 | CVE-2021-38199 | fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. | Debian_linux, Linux_kernel, Element_software, Hci_bootstrap_os, Hci_management_node, Solidfire | 6.5 | ||
2016-02-15 | CVE-2016-0746 | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 9.8 | ||
2016-02-15 | CVE-2016-0747 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | Xcode, Ubuntu_linux, Debian_linux, Nginx, Leap | 5.3 | ||
2017-04-10 | CVE-2016-1516 | OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. | Debian_linux, Opencv | 8.8 | ||
2017-06-09 | CVE-2017-9525 | In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs. | Cron, Debian_linux | 6.7 | ||
2017-12-29 | CVE-2017-17760 | OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used. | Debian_linux, Opencv | 6.5 | ||
2018-09-04 | CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. | Debian_linux, Glusterfs, Leap, Enterprise_linux_server, Virtualization_host | 8.8 | ||
2019-01-16 | CVE-2018-20721 | URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. | Debian_linux, Uriparser | 9.8 |