Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-04-04 | CVE-2023-1816 | Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium) | Debian_linux, Fedora, Chrome | 6.5 | ||
2023-08-25 | CVE-2023-40577 | Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51. | Debian_linux, Alertmanager | 5.4 | ||
2023-10-12 | CVE-2023-45133 | Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on the `path.evaluate()`or `path.evaluateTruthy()` internal Babel methods. Known affected plugins are `@babel/plugin-transform-runtime`; `@babel/preset-env` when using its `useBuiltIns`... | Babel, Babel\-Helper\-Define\-Polyfill\-Provider, Babel\-Plugin\-Polyfill\-Corejs2, Babel\-Plugin\-Polyfill\-Corejs3, Babel\-Plugin\-Polyfill\-Es\-Shims, Babel\-Plugin\-Polyfill\-Regenerator, Babel\-Plugin\-Transform\-Runtime, Babel\-Preset\-Env, Debian_linux | 8.8 | ||
2022-07-17 | CVE-2021-46784 | In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. | Debian_linux, Squid | 6.5 | ||
2021-09-01 | CVE-2021-36058 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | Xmp_toolkit_software_development_kit, Debian_linux | 5.5 | ||
2021-09-01 | CVE-2021-36064 | XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Xmp_toolkit_software_development_kit, Debian_linux | 7.8 | ||
2021-10-04 | CVE-2021-36051 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file. | Xmp_toolkit_software_development_kit, Debian_linux | 7.8 | ||
2021-10-13 | CVE-2021-40732 | XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file. | Xmp_toolkit_software_development_kit, Debian_linux | 6.1 | ||
2022-05-02 | CVE-2021-42528 | XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Xmp_toolkit_software_development_kit, Debian_linux | 5.5 | ||
2022-05-02 | CVE-2021-42529 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. | Xmp_toolkit_software_development_kit, Debian_linux | 7.8 |