Product:

Debian_linux

(Debian)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/WordPress/WordPress
https://github.com/krb5/krb5
https://github.com/FFmpeg/FFmpeg
https://github.com/rdesktop/rdesktop
https://github.com/neomutt/neomutt
https://github.com/FasterXML/jackson-databind
https://github.com/the-tcpdump-group/tcpdump
https://github.com/redmine/redmine
https://github.com/rubygems/rubygems
https://github.com/dbry/WavPack
https://github.com/uclouvain/openjpeg
https://github.com/bcgit/bc-java
https://github.com/kyz/libmspack
https://github.com/mantisbt/mantisbt
https://github.com/libgd/libgd
https://github.com/gpac/gpac
https://github.com/newsoft/libvncserver
https://github.com/mruby/mruby
https://github.com/libgit2/libgit2
https://github.com/uriparser/uriparser
https://github.com/mdadams/jasper
https://github.com/LibRaw/LibRaw
https://github.com/ceph/ceph
https://github.com/php/php-src
https://github.com/FreeRDP/FreeRDP
https://github.com/verdammelt/tnef
https://github.com/LibVNC/libvncserver
https://github.com/libevent/libevent
https://github.com/ARMmbed/mbedtls
https://github.com/antirez/redis
https://github.com/openssl/openssl
https://github.com/ntp-project/ntp
https://github.com/inspircd/inspircd
https://github.com/Perl/perl5
https://github.com/OTRS/otrs
https://github.com/Yeraze/ytnef
https://github.com/python-pillow/Pillow
https://github.com/perl5-dbi/DBD-mysql
https://github.com/memcached/memcached
https://github.com/openvswitch/ovs
https://github.com/mm2/Little-CMS
https://github.com/SpiderLabs/ModSecurity
https://github.com/szukw000/openjpeg
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/kamailio/kamailio
https://github.com/vadz/libtiff
https://github.com/curl/curl
https://github.com/dovecot/core
https://github.com/znc/znc
https://github.com/horde/horde
https://github.com/mono/mono
https://github.com/paramiko/paramiko
https://github.com/resiprocate/resiprocate
https://github.com/nih-at/libzip
https://github.com/twigphp/Twig
https://github.com/lighttpd/lighttpd1.4
https://github.com/vim/vim
https://github.com/jquery/jquery-ui
https://github.com/haproxy/haproxy
https://github.com/smarty-php/smarty
https://github.com/symfony/symfony
https://github.com/dom4j/dom4j
https://github.com/ansible/ansible
https://github.com/mapserver/mapserver
https://github.com/apache/httpd
https://github.com/stoth68000/media-tree
https://github.com/ImageMagick/ImageMagick6
https://github.com/antlarr/audiofile
https://github.com/shadow-maint/shadow
https://github.com/codehaus-plexus/plexus-utils
https://github.com/lxml/lxml
https://github.com/GStreamer/gst-plugins-ugly
https://github.com/erikd/libsndfile
https://github.com/ruby/openssl
https://github.com/python/cpython
https://github.com/akrennmair/newsbeuter
https://github.com/beanshell/beanshell
https://github.com/openssh/openssh-portable
https://github.com/git/git
https://github.com/openbsd/src
• git://git.openssl.org/openssl.git
https://github.com/weechat/weechat
https://github.com/cyu/rack-cors
https://github.com/mysql/mysql-server
https://github.com/Exim/exim
https://github.com/GNOME/nautilus
https://github.com/varnishcache/varnish-cache
https://github.com/inverse-inc/sogo
https://github.com/phusion/passenger
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/karelzak/util-linux
https://git.kernel.org/pub/scm/git/git.git
https://github.com/apple/cups
https://github.com/shadowsocks/shadowsocks-libev
https://github.com/simplesamlphp/simplesamlphp
https://github.com/GNOME/evince
https://github.com/torproject/tor
https://github.com/derickr/timelib
https://github.com/libarchive/libarchive
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/golang/go
https://github.com/sleuthkit/sleuthkit
https://github.com/zhutougg/c3p0
https://github.com/flori/json
https://github.com/eldy/awstats
https://github.com/jcupitt/libvips
https://github.com/simplesamlphp/saml2
https://github.com/DanBloomberg/leptonica
https://github.com/anymail/django-anymail
https://github.com/mpv-player/mpv
https://github.com/TeX-Live/texlive-source
https://github.com/vim-syntastic/syntastic
https://github.com/gosa-project/gosa-core
https://github.com/Cisco-Talos/clamav-devel
https://github.com/GNOME/librsvg
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/splitbrain/dokuwiki
https://github.com/heimdal/heimdal
https://github.com/openstack/swauth
https://github.com/bottlepy/bottle
https://github.com/charybdis-ircd/charybdis
https://github.com/westes/flex
https://github.com/mjg59/pupnp-code
https://github.com/collectd/collectd
https://github.com/django/django
https://git.videolan.org/git/vlc.git
https://github.com/atheme/atheme
https://github.com/jpirko/libndp
https://github.com/fragglet/lhasa
https://github.com/neovim/neovim
https://github.com/Quagga/quagga
https://github.com/rohe/pysaml2
https://github.com/varnish/Varnish-Cache
https://github.com/PHPMailer/PHPMailer
https://github.com/Automattic/Genericons
https://github.com/jmacd/xdelta-devel
https://github.com/file/file
https://github.com/ellson/graphviz
https://github.com/axkibe/lsyncd
https://github.com/quassel/quassel
https://github.com/yarolig/didiwiki
#Vulnerabilities 6398
Date Id Summary Products Score Patch Annotated
2020-12-17 CVE-2020-35490 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. Debian_linux, Jackson\-Databind, Service_level_manager, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_platform, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_diameter_signaling_router, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_interactive_session_recorder, Communications_offline_mediation_controller, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Documaker, Insurance_policy_administration_j2ee, Retail_merchandising_system, Retail_xstore_point_of_service, Webcenter_portal 8.1
2021-01-07 CVE-2020-36179 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_managemen, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal 8.1
2021-01-07 CVE-2020-36182 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_managemen, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal 8.1
2021-01-07 CVE-2020-36183 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_managemen, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal 8.1
2021-03-20 CVE-2021-28950 An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. Debian_linux, Fedora, Linux_kernel 5.5
2021-04-29 CVE-2020-18032 Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. Debian_linux, Fedora, Graphviz 7.8
2021-05-10 CVE-2021-32399 net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Debian_linux, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_baseboard_management_controller_firmware 7.0
2021-05-26 CVE-2020-25669 A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. Debian_linux, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller 7.8
2021-05-26 CVE-2021-25217 In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to:... Debian_linux, Fedora, Dhcp, Ontap_select_deploy_administration_utility, Solidfire_\&_hci_management_node, Ruggedcom_rox_mx5000_firmware, Ruggedcom_rox_rx1400_firmware, Ruggedcom_rox_rx1500_firmware, Ruggedcom_rox_rx1501_firmware, Ruggedcom_rox_rx1510_firmware, Ruggedcom_rox_rx1511_firmware, Ruggedcom_rox_rx1512_firmware, Ruggedcom_rox_rx1524_firmware, Ruggedcom_rox_rx1536_firmware, Ruggedcom_rox_rx5000_firmware 7.4
2009-08-06 CVE-2009-2625 XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework. Xerces2_java, Ubuntu_linux, Debian_linux, Fedora, Opensuse, Jdk, Primavera_p6_enterprise_project_portfolio_management, Primavera_web_services, Linux_enterprise_server N/A