Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-11-07 | CVE-2022-44792 | handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | Debian_linux, Net\-Snmp, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 6.5 | ||
| 2022-11-07 | CVE-2022-44793 | handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | Debian_linux, Net\-Snmp, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 6.5 | ||
| 2022-11-08 | CVE-2022-39377 | sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | Debian_linux, Fedora, Sysstat | 7.8 | ||
| 2022-11-09 | CVE-2022-3885 | Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 8.8 | ||
| 2022-11-09 | CVE-2022-3886 | Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 8.8 | ||
| 2022-11-09 | CVE-2022-3887 | Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 8.8 | ||
| 2022-11-09 | CVE-2022-3888 | Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 8.8 | ||
| 2022-11-09 | CVE-2022-3889 | Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 8.8 | ||
| 2022-11-09 | CVE-2022-3890 | Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Chrome | 9.6 | ||
| 2022-11-09 | CVE-2022-45060 | An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. Note: the 6.0.x LTS series (before 6.0.11) is affected. | Debian_linux, Fedora, Varnish_cache, Varnish_cache_plus, Varnish_cache | 7.5 |