VYPR

linux

by Debian

CVEs (3,015)

  • CVE-2024-26643 | Med | Mar 21, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it…

  • CVE-2024-26642 | Med | Mar 21, 2024
    risk 0.36 | cvss 5.5 | epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

  • CVE-2020-26147 | Med | May 11, 2021
    risk 0.36 | cvss 5.4 | epss 0.08

    An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends…

  • CVE-2020-28941 | Med | Nov 19, 2020
    risk 0.36 | cvss 5.5 | epss 0.00

    An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line…

  • CVE-2005-2351 | Med | Nov 1, 2019
    risk 0.36 | cvss 5.5 | epss 0.00

    Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

  • CVE-2017-18005 | Med | Dec 31, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.

  • CVE-2017-17862 | Med | Dec 27, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

  • CVE-2017-17788 | Med | Dec 20, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.

  • CVE-2017-17669 | Med | Dec 13, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.

  • CVE-2017-16611 | Med | Dec 1, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.

  • CVE-2017-17087 | Med | Dec 1, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership,…

  • CVE-2017-3157 | Med | Nov 20, 2017
    risk 0.36 | cvss 5.5 | epss 0.03

    By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information,…

  • CVE-2017-15955 | Med | Oct 28, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.

  • CVE-2017-15954 | Med | Oct 28, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.

  • CVE-2017-15953 | Med | Oct 28, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

  • CVE-2017-15873 | Med | Oct 24, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.

  • CVE-2017-15642 | Med | Oct 19, 2017
    risk 0.36 | cvss 5.5 | epss 0.01

    In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.

  • CVE-2017-15372 | Med | Oct 16, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.

  • CVE-2017-15371 | Med | Oct 16, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.

  • CVE-2017-15370 | Med | Oct 16, 2017
    risk 0.36 | cvss 5.5 | epss 0.02

    There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.

Page 76 of 151