Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-07-13 | CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS). | Debian_linux, Exiv2 | 6.5 | ||
2021-07-18 | CVE-2021-36773 | uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality). | Debian_linux, Nmatrix, Ublock_origin, Umatrix | 7.5 | ||
2021-11-03 | CVE-2021-22960 | The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. | Debian_linux, Llhttp, Graalvm | 6.5 | ||
2022-03-13 | CVE-2022-23960 | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. | Cortex\-A57_firmware, Cortex\-A65_firmware, Cortex\-A65ae_firmware, Cortex\-A710_firmware, Cortex\-A72_firmware, Cortex\-A73_firmware, Cortex\-A75_firmware, Cortex\-A76_firmware, Cortex\-A76ae_firmware, Cortex\-A77_firmware, Cortex\-A78_firmware, Cortex\-A78ae_firmware, Cortex\-R7_firmware, Cortex\-R8_firmware, Cortex\-X1_firmware, Cortex\-X2_firmware, Neoverse\-E1_firmware, Neoverse\-V1_firmware, Neoverse_n1_firmware, Neoverse_n2_firmware, Debian_linux, Xen | 5.6 | ||
2017-09-12 | CVE-2017-1000251 | The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. | Debian_linux, Linux_kernel, Jetson_tk1, Jetson_tx1, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.0 | ||
2009-08-05 | CVE-2009-2687 | The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. | Debian_linux, Php | N/A | ||
2010-08-20 | CVE-2010-2531 | The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion. | Debian_linux, Php | N/A | ||
2012-08-14 | CVE-2012-2135 | The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors. | Ubuntu_linux, Debian_linux, Python | N/A | ||
2014-06-01 | CVE-2014-0237 | The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls. | Debian_linux, Php | N/A | ||
2014-07-03 | CVE-2014-3538 | file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. | File, Debian_linux, Php | N/A |