Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-24 | CVE-2020-10942 | In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 5.3 | ||
| 2020-03-27 | CVE-2020-10955 | GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders. | Debian_linux, Gitlab | 6.5 | ||
| 2018-05-16 | CVE-2018-11212 | An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg, Oncommand_unified_manager, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Satellite | 6.5 | ||
| 2018-03-02 | CVE-2017-14461 | A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server. | Debian_linux, Dovecot, Ubuntu | 7.1 | ||
| 2018-04-24 | CVE-2017-14449 | A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. | Debian_linux, Sdl_image | 8.8 | ||
| 2018-04-24 | CVE-2017-14450 | A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. | Debian_linux, Sdl_image | 7.1 | ||
| 2019-01-15 | CVE-2018-16846 | It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices. | Ubuntu_linux, Debian_linux, Leap, Ceph, Ceph_storage, Enterprise_linux_server | 6.5 | ||
| 2019-01-15 | CVE-2018-14662 | It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. | Ubuntu_linux, Debian_linux, Leap, Ceph, Ceph_storage, Enterprise_linux_server | 5.7 | ||
| 2019-07-30 | CVE-2019-10156 | A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. | Debian_linux, Ansible, Openstack | 5.4 | ||
| 2017-04-11 | CVE-2017-7697 | In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. | Debian_linux, Libsamplerate | 5.5 |