VYPR

Vendor CVEs

Debian

All CVEs

3,352 total · sorted by risk
  • CVE-2026-14038Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-13991Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-14020Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-14083Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-13967Jul 1, 2026
    risk 0.00cvss epss 0.00

    Heap buffer overflow in V8 in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-13858Jul 1, 2026
    risk 0.00cvss epss 0.00

    Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. (Chromium security severity: Medium)

  • CVE-2026-13918Jul 1, 2026
    risk 0.00cvss epss 0.00

    Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-13841Jul 1, 2026
    risk 0.00cvss epss 0.00

    Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-14074Jul 1, 2026
    risk 0.00cvss epss 0.00

    Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-13905Jul 1, 2026
    risk 0.00cvss epss 0.00

    Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: Medium)

  • CVE-2026-14164Jul 1, 2026
    risk 0.00cvss epss 0.00

    A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can…

  • CVE-2026-58374Jul 1, 2026
    risk 0.00cvss epss 0.00

    In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or…

  • CVE-2026-13523Jun 30, 2026
    risk 0.00cvss epss 0.00

    A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been…

  • CVE-2026-58302Jun 30, 2026
    risk 0.00cvss epss 0.00

    rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an…

  • CVE-2026-13601Jun 30, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG…

  • CVE-2026-57966Jun 30, 2026
    risk 0.00cvss epss 0.00

    A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not…

  • CVE-2026-57965Jun 30, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service…

  • CVE-2026-12912Jun 30, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value,…

  • CVE-2026-56018Jun 30, 2026
    risk 0.00cvss epss 0.01

    JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents;…

  • CVE-2026-56017Jun 30, 2026
    risk 0.00cvss epss 0.00

    JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString (XS.xs) inspects the previous token's last byte to choose between a…

  • CVE-2026-25707Jun 30, 2026
    risk 0.00cvss epss 0.01

    A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.

  • CVE-2026-13758Jun 30, 2026
    risk 0.00cvss epss 0.00

    CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which short-circuits on the first differing byte, so…

  • CVE-2026-13595Jun 30, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the…

  • CVE-2026-41992Jun 30, 2026
    risk 0.00cvss epss 0.00

    GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and…

  • CVE-2026-13593Jun 30, 2026
    risk 0.00cvss epss 0.00

    CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace.

  • CVE-2026-13574Jun 30, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to…

  • CVE-2026-13573Jun 30, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a…

  • CVE-2026-22879Jun 29, 2026
    risk 0.00cvss epss 0.00

    vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability

  • CVE-2026-58049Jun 29, 2026
    risk 0.00cvss epss 0.00

    FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past…

  • CVE-2026-46602Jun 27, 2026
    risk 0.00cvss epss 0.00

    The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.

  • CVE-2025-8454Aug 1, 2025
    risk 0.00cvss epss 0.00

    It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from…

  • CVE-2025-6297Jul 1, 2025
    risk 0.00cvss epss 0.00

    It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given…

  • CVE-2024-7448Aug 21, 2024
    risk 0.00cvss epss 0.02

    Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that…

  • CVE-2023-42128May 3, 2024
    risk 0.00cvss epss 0.01

    Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that…

  • CVE-2023-38336Jul 14, 2023
    risk 0.00cvss epss 0.02

    netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

  • CVE-2023-27635Mar 5, 2023
    risk 0.00cvss epss 0.00

    debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file. (The path is shown to the user before execution.)

  • CVE-2022-1664May 26, 2022
    risk 0.00cvss epss 0.03

    Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the…

  • CVE-2022-27239Apr 27, 2022
    risk 0.00cvss epss 0.01

    In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

  • CVE-2016-1239Feb 19, 2022
    risk 0.00cvss epss 0.01

    duck before 0.10 did not properly handle loading of untrusted code from the current directory.

  • CVE-2021-20001Feb 11, 2022
    risk 0.00cvss epss 0.02

    It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.

  • CVE-2021-3622Dec 23, 2021
    risk 0.00cvss epss 0.05

    A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to…

  • CVE-2021-3504May 11, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or…

  • CVE-2021-20208Apr 19, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

  • CVE-2017-20002Mar 17, 2021
    risk 0.00cvss epss 0.00

    The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's…

  • CVE-2021-28374Mar 15, 2021
    risk 0.00cvss epss 0.01

    The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it…

  • CVE-2020-27350Dec 10, 2020
    risk 0.00cvss epss 0.00

    APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2;…

  • CVE-2020-26932Oct 10, 2020
    risk 0.00cvss epss 0.01

    debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group)

  • CVE-2020-14342Sep 9, 2020
    risk 0.00cvss epss 0.01

    It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their…

  • CVE-2020-25073Sep 2, 2020
    risk 0.00cvss epss 0.02

    FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service (or from PageKite) is considered a local connection. This affects both the freedombox and…

  • CVE-2020-3810May 15, 2020
    risk 0.00cvss epss 0.01

    Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.

Page 45 of 68