Product:

Debian_linux

(Debian)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/WordPress/WordPress
https://github.com/FFmpeg/FFmpeg
https://github.com/rdesktop/rdesktop
https://github.com/krb5/krb5
https://github.com/neomutt/neomutt
https://github.com/FasterXML/jackson-databind
https://github.com/file/file
https://github.com/php/php-src
https://github.com/the-tcpdump-group/tcpdump
https://github.com/redmine/redmine
https://github.com/dbry/WavPack
https://github.com/rubygems/rubygems
https://github.com/uclouvain/openjpeg
https://github.com/bcgit/bc-java
https://github.com/libgd/libgd
https://github.com/kyz/libmspack
https://github.com/mantisbt/mantisbt
https://github.com/gpac/gpac
https://github.com/newsoft/libvncserver
https://github.com/madler/zlib
https://github.com/libgit2/libgit2
https://github.com/mdadams/jasper
https://github.com/FreeRDP/FreeRDP
https://github.com/mruby/mruby
https://github.com/uriparser/uriparser
https://github.com/LibRaw/LibRaw
https://github.com/ceph/ceph
https://github.com/verdammelt/tnef
https://github.com/libevent/libevent
https://github.com/antirez/redis
https://github.com/Yeraze/ytnef
https://github.com/Perl/perl5
https://github.com/ntp-project/ntp
https://github.com/openssl/openssl
https://github.com/LibVNC/libvncserver
https://github.com/ARMmbed/mbedtls
https://github.com/inspircd/inspircd
https://github.com/OTRS/otrs
https://github.com/python-pillow/Pillow
https://github.com/perl5-dbi/DBD-mysql
https://github.com/mm2/Little-CMS
https://github.com/apache/httpd
https://github.com/curl/curl
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/jquery/jquery-ui
https://github.com/openbsd/src
https://github.com/szukw000/openjpeg
https://github.com/mysql/mysql-server
https://github.com/memcached/memcached
https://github.com/openvswitch/ovs
https://github.com/SpiderLabs/ModSecurity
https://github.com/kamailio/kamailio
https://github.com/vadz/libtiff
https://github.com/dovecot/core
https://github.com/znc/znc
https://github.com/horde/horde
https://github.com/mono/mono
https://github.com/codehaus-plexus/plexus-utils
https://github.com/ellson/graphviz
• git://git.openssl.org/openssl.git
https://github.com/dajobe/raptor
https://github.com/DanBloomberg/leptonica
https://github.com/django/django
https://github.com/collectd/collectd
https://github.com/weechat/weechat
https://git.kernel.org/pub/scm/git/git.git
https://github.com/akrennmair/newsbeuter
https://github.com/dom4j/dom4j
https://github.com/sleuthkit/sleuthkit
https://github.com/python/cpython
https://github.com/zhutougg/c3p0
https://github.com/golang/go
https://github.com/haproxy/haproxy
https://github.com/westes/flex
https://github.com/jcupitt/libvips
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/openssh/openssh-portable
https://github.com/jpirko/libndp
https://github.com/inverse-inc/sogo
https://github.com/varnish/Varnish-Cache
https://github.com/varnishcache/varnish-cache
https://github.com/esnet/iperf
https://github.com/paramiko/paramiko
https://github.com/resiprocate/resiprocate
https://github.com/nih-at/libzip
https://github.com/twigphp/Twig
https://github.com/lighttpd/lighttpd1.4
https://github.com/vim/vim
https://github.com/smarty-php/smarty
https://github.com/symfony/symfony
https://github.com/ansible/ansible
https://github.com/mapserver/mapserver
https://github.com/stoth68000/media-tree
https://github.com/ImageMagick/ImageMagick6
https://github.com/antlarr/audiofile
https://github.com/shadow-maint/shadow
https://github.com/lxml/lxml
https://github.com/GStreamer/gst-plugins-ugly
https://github.com/erikd/libsndfile
https://github.com/ruby/openssl
https://github.com/beanshell/beanshell
https://github.com/git/git
https://github.com/cyu/rack-cors
https://github.com/Exim/exim
https://github.com/GNOME/nautilus
https://github.com/phusion/passenger
https://github.com/karelzak/util-linux
https://github.com/apple/cups
https://github.com/shadowsocks/shadowsocks-libev
https://github.com/simplesamlphp/simplesamlphp
https://github.com/GNOME/evince
https://github.com/torproject/tor
https://github.com/derickr/timelib
https://github.com/libarchive/libarchive
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/flori/json
https://github.com/eldy/awstats
https://github.com/simplesamlphp/saml2
https://github.com/anymail/django-anymail
https://github.com/mpv-player/mpv
https://github.com/TeX-Live/texlive-source
https://github.com/vim-syntastic/syntastic
https://github.com/gosa-project/gosa-core
https://github.com/Cisco-Talos/clamav-devel
https://github.com/GNOME/librsvg
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/splitbrain/dokuwiki
https://github.com/heimdal/heimdal
https://github.com/openstack/swauth
https://github.com/bottlepy/bottle
https://github.com/charybdis-ircd/charybdis
https://github.com/mjg59/pupnp-code
https://git.videolan.org/git/vlc.git
https://github.com/atheme/atheme
https://github.com/fragglet/lhasa
https://github.com/neovim/neovim
https://github.com/Quagga/quagga
https://github.com/rohe/pysaml2
https://github.com/PHPMailer/PHPMailer
https://github.com/Automattic/Genericons
https://github.com/jmacd/xdelta-devel
https://github.com/axkibe/lsyncd
https://github.com/quassel/quassel
https://github.com/yarolig/didiwiki
#Vulnerabilities 8816
Date Id Summary Products Score Patch Annotated
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors... Debian_linux, Fedora, Linux_kernel, Cloud_backup, Hci_compute_node, Hci_h410c_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node 5.5
2021-02-17 CVE-2021-26930 An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently... Debian_linux, Fedora, Linux_kernel 7.8
2021-02-17 CVE-2021-26931 An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and... Debian_linux, Fedora, Linux_kernel 5.5
2021-03-05 CVE-2021-28038 An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. Debian_linux, Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller_firmware 6.5
2021-04-08 CVE-2021-29154 BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. Debian_linux, Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire 7.8
2021-04-20 CVE-2021-29155 An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. Debian_linux, Fedora, Linux_kernel 5.5
2021-06-14 CVE-2021-34693 net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. Debian_linux, Linux_kernel 5.5
2021-07-21 CVE-2021-37159 hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. Debian_linux, Linux_kernel, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy 6.4
2021-10-20 CVE-2021-42739 The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. Debian_linux, Fedora, Linux_kernel, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy, Starwind_san_\&_nas, Starwind_virtual_san 6.7
2021-11-17 CVE-2021-43976 In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). Debian_linux, Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy 4.6