Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-03-17 | CVE-2017-6960 | An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable. | Apng2gif, Ubuntu_linux, Debian_linux | 7.5 | ||
2017-07-08 | CVE-2017-11104 | Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check. | Debian_linux, Knot_dns | 5.9 | ||
2018-04-03 | CVE-2018-9240 | ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur. | Ubuntu_linux, Debian_linux, Ncmpc | 7.5 | ||
2019-03-11 | CVE-2019-9656 | An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. | Ubuntu_linux, Debian_linux, Libofx | 8.8 | ||
2019-05-22 | CVE-2019-9892 | An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem. | Debian_linux, Otrs | 6.5 | ||
2019-08-01 | CVE-2019-14496 | LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. | Ubuntu_linux, Debian_linux, Milkytracker | 7.8 | ||
2019-08-01 | CVE-2019-14497 | ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. | Ubuntu_linux, Debian_linux, Milkytracker | 7.8 | ||
2019-12-27 | CVE-2019-20043 | In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. | Debian_linux, Wordpress | 4.3 | ||
2019-12-30 | CVE-2019-20096 | In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
2020-01-02 | CVE-2019-20208 | dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. | Debian_linux, Gpac | 5.5 |