Vendor CVEs
Debian
All CVEs
3,352 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-14038 | 0.00 | — | 0.00 | Jul 1, 2026 | Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-13991 | 0.00 | — | 0.00 | Jul 1, 2026 | Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-14020 | 0.00 | — | 0.00 | Jul 1, 2026 | Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-14083 | 0.00 | — | 0.00 | Jul 1, 2026 | Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-13967 | 0.00 | — | 0.00 | Jul 1, 2026 | Heap buffer overflow in V8 in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-13858 | 0.00 | — | 0.00 | Jul 1, 2026 | Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. (Chromium security severity: Medium) | |||
| CVE-2026-13918 | 0.00 | — | 0.00 | Jul 1, 2026 | Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-13841 | 0.00 | — | 0.00 | Jul 1, 2026 | Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-14074 | 0.00 | — | 0.00 | Jul 1, 2026 | Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-13905 | 0.00 | — | 0.00 | Jul 1, 2026 | Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: Medium) | |||
| CVE-2026-14164 | 0.00 | — | 0.00 | Jul 1, 2026 | A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can… | |||
| CVE-2026-58374 | 0.00 | — | 0.00 | Jul 1, 2026 | In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or… | |||
| CVE-2026-13523 | 0.00 | — | 0.00 | Jun 30, 2026 | A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been… | |||
| CVE-2026-58302 | 0.00 | — | 0.00 | Jun 30, 2026 | rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an… | |||
| CVE-2026-13601 | 0.00 | — | 0.00 | Jun 30, 2026 | A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG… | |||
| CVE-2026-57966 | 0.00 | — | 0.00 | Jun 30, 2026 | A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not… | |||
| CVE-2026-57965 | 0.00 | — | 0.00 | Jun 30, 2026 | A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service… | |||
| CVE-2026-12912 | 0.00 | — | 0.00 | Jun 30, 2026 | A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value,… | |||
| CVE-2026-56018 | 0.00 | — | 0.01 | Jun 30, 2026 | JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents;… | |||
| CVE-2026-56017 | 0.00 | — | 0.00 | Jun 30, 2026 | JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString (XS.xs) inspects the previous token's last byte to choose between a… | |||
| CVE-2026-25707 | 0.00 | — | 0.01 | Jun 30, 2026 | A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation. | |||
| CVE-2026-13758 | 0.00 | — | 0.00 | Jun 30, 2026 | CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which short-circuits on the first differing byte, so… | |||
| CVE-2026-13595 | 0.00 | — | 0.00 | Jun 30, 2026 | A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the… | |||
| CVE-2026-41992 | 0.00 | — | 0.00 | Jun 30, 2026 | GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and… | |||
| CVE-2026-13593 | 0.00 | — | 0.00 | Jun 30, 2026 | CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace. | |||
| CVE-2026-13574 | 0.00 | — | 0.00 | Jun 30, 2026 | A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to… | |||
| CVE-2026-13573 | 0.00 | — | 0.00 | Jun 30, 2026 | A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a… | |||
| CVE-2026-22879 | 0.00 | — | 0.00 | Jun 29, 2026 | vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability | |||
| CVE-2026-58049 | 0.00 | — | 0.00 | Jun 29, 2026 | FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past… | |||
| CVE-2026-46602 | 0.00 | — | 0.00 | Jun 27, 2026 | The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption. | |||
| CVE-2025-8454 | 0.00 | — | 0.00 | Aug 1, 2025 | It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from… | |||
| CVE-2025-6297 | 0.00 | — | 0.00 | Jul 1, 2025 | It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given… | |||
| CVE-2024-7448 | 0.00 | — | 0.02 | Aug 21, 2024 | Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2023-42128 | 0.00 | — | 0.01 | May 3, 2024 | Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2023-38336 | 0.00 | — | 0.02 | Jul 14, 2023 | netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. | |||
| CVE-2023-27635 | 0.00 | — | 0.00 | Mar 5, 2023 | debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.) | |||
| CVE-2022-1664 | 0.00 | — | 0.03 | May 26, 2022 | Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the… | |||
| CVE-2022-27239 | 0.00 | — | 0.01 | Apr 27, 2022 | In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | |||
| CVE-2016-1239 | 0.00 | — | 0.01 | Feb 19, 2022 | duck before 0.10 did not properly handle loading of untrusted code from the current directory. | |||
| CVE-2021-20001 | 0.00 | — | 0.02 | Feb 11, 2022 | It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation. | |||
| CVE-2021-3622 | 0.00 | — | 0.05 | Dec 23, 2021 | A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to… | |||
| CVE-2021-3504 | 0.00 | — | 0.02 | May 11, 2021 | A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or… | |||
| CVE-2021-20208 | 0.00 | — | 0.01 | Apr 19, 2021 | A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. | |||
| CVE-2017-20002 | 0.00 | — | 0.00 | Mar 17, 2021 | The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's… | |||
| CVE-2021-28374 | 0.00 | — | 0.01 | Mar 15, 2021 | The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it… | |||
| CVE-2020-27350 | 0.00 | — | 0.00 | Dec 10, 2020 | APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2;… | |||
| CVE-2020-26932 | 0.00 | — | 0.01 | Oct 10, 2020 | debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group) | |||
| CVE-2020-14342 | 0.00 | — | 0.01 | Sep 9, 2020 | It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their… | |||
| CVE-2020-25073 | 0.00 | — | 0.02 | Sep 2, 2020 | FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service (or from PageKite) is considered a local connection. This affects both the freedombox and… | |||
| CVE-2020-3810 | 0.00 | — | 0.01 | May 15, 2020 | Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. |
- CVE-2026-14038Jul 1, 2026risk 0.00cvss —epss 0.00
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
- CVE-2026-13991Jul 1, 2026risk 0.00cvss —epss 0.00
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-14020Jul 1, 2026risk 0.00cvss —epss 0.00
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-14083Jul 1, 2026risk 0.00cvss —epss 0.00
Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)
- CVE-2026-13967Jul 1, 2026risk 0.00cvss —epss 0.00
Heap buffer overflow in V8 in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-13858Jul 1, 2026risk 0.00cvss —epss 0.00
Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. (Chromium security severity: Medium)
- CVE-2026-13918Jul 1, 2026risk 0.00cvss —epss 0.00
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-13841Jul 1, 2026risk 0.00cvss —epss 0.00
Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- CVE-2026-14074Jul 1, 2026risk 0.00cvss —epss 0.00
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
- CVE-2026-13905Jul 1, 2026risk 0.00cvss —epss 0.00
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: Medium)
- CVE-2026-14164Jul 1, 2026risk 0.00cvss —epss 0.00
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can…
- CVE-2026-58374Jul 1, 2026risk 0.00cvss —epss 0.00
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or…
- CVE-2026-13523Jun 30, 2026risk 0.00cvss —epss 0.00
A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been…
- CVE-2026-58302Jun 30, 2026risk 0.00cvss —epss 0.00
rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an…
- CVE-2026-13601Jun 30, 2026risk 0.00cvss —epss 0.00
A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG…
- CVE-2026-57966Jun 30, 2026risk 0.00cvss —epss 0.00
A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not…
- CVE-2026-57965Jun 30, 2026risk 0.00cvss —epss 0.00
A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service…
- CVE-2026-12912Jun 30, 2026risk 0.00cvss —epss 0.00
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value,…
- CVE-2026-56018Jun 30, 2026risk 0.00cvss —epss 0.01
JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents;…
- CVE-2026-56017Jun 30, 2026risk 0.00cvss —epss 0.00
JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString (XS.xs) inspects the previous token's last byte to choose between a…
- CVE-2026-25707Jun 30, 2026risk 0.00cvss —epss 0.01
A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.
- CVE-2026-13758Jun 30, 2026risk 0.00cvss —epss 0.00
CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which short-circuits on the first differing byte, so…
- CVE-2026-13595Jun 30, 2026risk 0.00cvss —epss 0.00
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the…
- CVE-2026-41992Jun 30, 2026risk 0.00cvss —epss 0.00
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and…
- CVE-2026-13593Jun 30, 2026risk 0.00cvss —epss 0.00
CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace.
- CVE-2026-13574Jun 30, 2026risk 0.00cvss —epss 0.00
A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to…
- CVE-2026-13573Jun 30, 2026risk 0.00cvss —epss 0.00
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a…
- CVE-2026-22879Jun 29, 2026risk 0.00cvss —epss 0.00
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability
- CVE-2026-58049Jun 29, 2026risk 0.00cvss —epss 0.00
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past…
- CVE-2026-46602Jun 27, 2026risk 0.00cvss —epss 0.00
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.
- CVE-2025-8454Aug 1, 2025risk 0.00cvss —epss 0.00
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from…
- CVE-2025-6297Jul 1, 2025risk 0.00cvss —epss 0.00
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given…
- CVE-2024-7448Aug 21, 2024risk 0.00cvss —epss 0.02
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that…
- CVE-2023-42128May 3, 2024risk 0.00cvss —epss 0.01
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that…
- CVE-2023-38336Jul 14, 2023risk 0.00cvss —epss 0.02
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
- CVE-2023-27635Mar 5, 2023risk 0.00cvss —epss 0.00
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)
- CVE-2022-1664May 26, 2022risk 0.00cvss —epss 0.03
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the…
- CVE-2022-27239Apr 27, 2022risk 0.00cvss —epss 0.01
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
- CVE-2016-1239Feb 19, 2022risk 0.00cvss —epss 0.01
duck before 0.10 did not properly handle loading of untrusted code from the current directory.
- CVE-2021-20001Feb 11, 2022risk 0.00cvss —epss 0.02
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
- CVE-2021-3622Dec 23, 2021risk 0.00cvss —epss 0.05
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to…
- CVE-2021-3504May 11, 2021risk 0.00cvss —epss 0.02
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or…
- CVE-2021-20208Apr 19, 2021risk 0.00cvss —epss 0.01
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
- CVE-2017-20002Mar 17, 2021risk 0.00cvss —epss 0.00
The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's…
- CVE-2021-28374Mar 15, 2021risk 0.00cvss —epss 0.01
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it…
- CVE-2020-27350Dec 10, 2020risk 0.00cvss —epss 0.00
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2;…
- CVE-2020-26932Oct 10, 2020risk 0.00cvss —epss 0.01
debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group)
- CVE-2020-14342Sep 9, 2020risk 0.00cvss —epss 0.01
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their…
- CVE-2020-25073Sep 2, 2020risk 0.00cvss —epss 0.02
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service (or from PageKite) is considered a local connection. This affects both the freedombox and…
- CVE-2020-3810May 15, 2020risk 0.00cvss —epss 0.01
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.
Page 45 of 68