Debian_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/FFmpeg/FFmpeg
• https://github.com/rdesktop/rdesktop

More/Less (143)

• https://github.com/krb5/krb5
• https://github.com/neomutt/neomutt
• https://github.com/FasterXML/jackson-databind
• https://github.com/file/file
• https://github.com/php/php-src
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/dbry/WavPack
• https://github.com/rubygems/rubygems
• https://github.com/uclouvain/openjpeg
• https://github.com/bcgit/bc-java
• https://github.com/libgd/libgd
• https://github.com/kyz/libmspack
• https://github.com/mantisbt/mantisbt
• https://github.com/gpac/gpac
• https://github.com/newsoft/libvncserver
• https://github.com/madler/zlib
• https://github.com/libgit2/libgit2
• https://github.com/mdadams/jasper
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mruby/mruby
• https://github.com/uriparser/uriparser
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/verdammelt/tnef
• https://github.com/libevent/libevent
• https://github.com/antirez/redis
• https://github.com/Yeraze/ytnef
• https://github.com/Perl/perl5
• https://github.com/ntp-project/ntp
• https://github.com/openssl/openssl
• https://github.com/LibVNC/libvncserver
• https://github.com/ARMmbed/mbedtls
• https://github.com/inspircd/inspircd
• https://github.com/OTRS/otrs
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/apache/httpd
• https://github.com/mm2/Little-CMS
• https://github.com/curl/curl
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/jquery/jquery-ui
• https://github.com/openbsd/src
• https://github.com/szukw000/openjpeg
• https://github.com/mysql/mysql-server
• https://github.com/memcached/memcached
• https://github.com/openvswitch/ovs
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• git://git.openssl.org/openssl.git
• https://github.com/haproxy/haproxy
• https://github.com/codehaus-plexus/plexus-utils
• https://github.com/ellson/graphviz
• https://github.com/dajobe/raptor
• https://github.com/DanBloomberg/leptonica
• https://github.com/django/django
• https://github.com/collectd/collectd
• https://github.com/weechat/weechat
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/akrennmair/newsbeuter
• https://github.com/dom4j/dom4j
• https://github.com/sleuthkit/sleuthkit
• https://github.com/python/cpython
• https://github.com/zhutougg/c3p0
• https://github.com/golang/go
• https://github.com/westes/flex
• https://github.com/jcupitt/libvips
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/inverse-inc/sogo
• https://github.com/varnish/Varnish-Cache
• https://github.com/varnishcache/varnish-cache
• https://github.com/esnet/iperf
• https://github.com/paramiko/paramiko
• https://github.com/resiprocate/resiprocate
• https://github.com/nih-at/libzip
• https://github.com/twigphp/Twig
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/vim/vim
• https://github.com/smarty-php/smarty
• https://github.com/symfony/symfony
• https://github.com/ansible/ansible
• https://github.com/mapserver/mapserver
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/antlarr/audiofile
• https://github.com/shadow-maint/shadow
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/beanshell/beanshell
• https://github.com/git/git
• https://github.com/cyu/rack-cors
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/phusion/passenger
• https://github.com/karelzak/util-linux
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/flori/json
• https://github.com/eldy/awstats
• https://github.com/simplesamlphp/saml2
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/mjg59/pupnp-code
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki

#Vulnerabilities

8871

Date	Id	Summary	Products	Score	Patch	Annotated
2023-12-24	CVE-2023-51766	Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.	Debian_linux, Exim, Extra_packages_for_enterprise_linux, Fedora	5.3
2023-12-24	CVE-2023-7101	Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.	Debian_linux, Fedora, Spreadsheet\:\:parseexcel	7.8
2024-01-11	CVE-2023-51780	An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.	Debian_linux, Linux_kernel	7.0
2024-01-11	CVE-2023-51781	An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.	Debian_linux, Linux_kernel	7.0
2024-01-11	CVE-2023-51782	An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.	Debian_linux, Linux_kernel	7.0
2024-01-12	CVE-2023-6040	An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.	Debian_linux, Linux_kernel	7.8
2024-01-16	CVE-2024-0567	A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.	Debian_linux, Fedora, Gnutls, Active_iq_unified_manager	7.5
2024-01-16	CVE-2024-20918	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...	Debian_linux, Cloud_insights_acquisition_unit, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Graalvm, Graalvm_for_jdk, Jdk, Jre	N/A
2024-01-16	CVE-2024-20926	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK,...	Debian_linux, Cloud_insights_acquisition_unit, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Graalvm, Graalvm_for_jdk, Jdk, Jre	N/A
2024-01-16	CVE-2024-20952	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle...	Debian_linux, Cloud_insights_acquisition_unit, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Graalvm, Graalvm_for_jdk, Jdk, Jre	N/A