Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-06-10 | CVE-2016-5118 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap, Opensuse, Linux, Solaris, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Studio_onsite | 9.8 | ||
| 2023-07-24 | CVE-2023-20593 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | Athlon_gold_7220u_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7352_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7452_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7552_firmware, Epyc_7642_firmware, Epyc_7662_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7742_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware, Ryzen_3_3100_firmware, Ryzen_3_3300x_firmware, Ryzen_3_4300g_firmware, Ryzen_3_4300ge_firmware, Ryzen_3_5300u_firmware, Ryzen_3_7320u_firmware, Ryzen_3_pro_4200g_firmware, Ryzen_3_pro_4350g_firmware, Ryzen_3_pro_4350ge_firmware, Ryzen_3_pro_4450u_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_4600g_firmware, Ryzen_5_4600ge_firmware, Ryzen_5_5500u_firmware, Ryzen_5_7520u_firmware, Ryzen_5_pro_4400g_firmware, Ryzen_5_pro_4650g_firmware, Ryzen_5_pro_4650ge_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_4700g_firmware, Ryzen_7_4700ge_firmware, Ryzen_7_5700u_firmware, Ryzen_7_pro_4750g_firmware, Ryzen_7_pro_4750ge_firmware, Ryzen_7_pro_4750u_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3900xt_firmware, Ryzen_9_3950x_firmware, Ryzen_9_pro_3900_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Debian_linux, Xen | 5.5 | ||
| 2022-02-07 | CVE-2022-21712 | twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. | Debian_linux, Fedora, Twisted | 7.5 | ||
| 2024-11-10 | CVE-2024-46956 | An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. | Ghostscript, Debian_linux, Linux_enterprise_high_performance_computing, Linux_enterprise_server, Linux_enterprise_server_for_sap | 7.8 | ||
| 2024-11-10 | CVE-2024-46951 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. | Ghostscript, Debian_linux, Linux_enterprise_high_performance_computing, Linux_enterprise_server, Linux_enterprise_server_for_sap | 7.8 | ||
| 2024-11-10 | CVE-2024-46953 | An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. | Ghostscript, Debian_linux, Linux_enterprise_high_performance_computing, Linux_enterprise_server, Linux_enterprise_server_for_sap | 7.8 | ||
| 2024-11-10 | CVE-2024-46952 | An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). | Ghostscript, Debian_linux | 7.8 | ||
| 2024-11-10 | CVE-2024-46955 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. | Ghostscript, Debian_linux, Linux_enterprise_high_performance_computing, Linux_enterprise_server, Linux_enterprise_server_for_sap | 5.5 | ||
| 2024-02-11 | CVE-2024-1151 | A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues. | Debian_linux, Fedora, Linux_kernel, Enterprise_linux | 5.5 | ||
| 2022-02-04 | CVE-2021-4043 | NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. | Debian_linux, Gpac | 5.5 |