Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-05-10 | CVE-2022-1621 | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | Macos, Debian_linux, Fedora, Vim | 7.8 | ||
2022-05-11 | CVE-2022-1623 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility | 5.5 | ||
2022-05-18 | CVE-2022-30974 | compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. | Mujs, Debian_linux, Fedora | 5.5 | ||
2022-05-18 | CVE-2022-30975 | In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. | Mujs, Debian_linux, Fedora | 5.5 | ||
2022-05-26 | CVE-2022-30786 | A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. | Debian_linux, Fedora, Ntfs\-3g | 7.8 | ||
2022-05-24 | CVE-2022-29221 | Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. | Debian_linux, Fedora, Smarty | 8.8 | ||
2022-05-25 | CVE-2022-1851 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | Macos, Debian_linux, Fedora, Vim | 7.8 | ||
2022-05-26 | CVE-2022-30783 | An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. | Debian_linux, Fedora, Ntfs\-3g | 6.7 | ||
2022-05-26 | CVE-2022-30784 | A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | Debian_linux, Fedora, Ntfs\-3g | 7.8 | ||
2022-05-26 | CVE-2022-30785 | A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | Debian_linux, Fedora, Ntfs\-3g | 6.7 |