Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-06 | CVE-2022-2735 | A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS. | Pcs, Debian_linux | 7.8 | ||
| 2022-09-06 | CVE-2022-3134 | Use After Free in GitHub repository vim/vim prior to 9.0.0389. | Debian_linux, Vim | 7.8 | ||
| 2022-09-07 | CVE-2022-40023 | Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. | Debian_linux, Mako | 7.5 | ||
| 2022-09-09 | CVE-2022-40307 | An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. | Debian_linux, Linux_kernel | 4.7 | ||
| 2022-09-09 | CVE-2022-2905 | An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. | Debian_linux, Linux_kernel, Enterprise_linux | 5.5 | ||
| 2022-09-09 | CVE-2022-36280 | An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | Debian_linux, Linux_kernel | 5.5 | ||
| 2022-09-09 | CVE-2022-3169 | A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. | Debian_linux, Fedora, Linux_kernel | 5.5 | ||
| 2022-09-09 | CVE-2022-38266 | An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file. | Debian_linux, Leptonica, Tesseract | 6.5 | ||
| 2022-09-12 | CVE-2022-37797 | In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. | Debian_linux, Lighttpd | 7.5 | ||
| 2022-09-15 | CVE-2022-38855 | Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | Debian_linux, Mencoder, Mplayer | 5.5 |