Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-06-24 | CVE-2021-32490 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences. | Debian_linux, Djvulibre | 7.8 | ||
2021-06-24 | CVE-2021-32491 | A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences. | Debian_linux, Djvulibre | 7.8 | ||
2021-06-24 | CVE-2021-32492 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences. | Debian_linux, Djvulibre | 7.8 | ||
2021-06-24 | CVE-2021-32493 | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences. | Debian_linux, Djvulibre | 7.8 | ||
2021-06-24 | CVE-2021-3500 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences. | Debian_linux, Djvulibre | 7.8 | ||
2021-11-19 | CVE-2021-39923 | Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | Debian_linux, Wireshark | 7.5 | ||
2021-11-02 | CVE-2021-37994 | Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Chrome | 6.5 | ||
2021-11-02 | CVE-2021-37995 | Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | Debian_linux, Chrome | 6.5 | ||
2021-11-02 | CVE-2021-37996 | Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. | Debian_linux, Chrome | 5.5 | ||
2022-02-02 | CVE-2022-24301 | In Minetest before 5.4.0, players can add or subtract items from a different player's inventory. | Debian_linux, Minetest | 6.5 |