Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2009-11-16 | CVE-2009-3939 | The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. | Aura_application_enablement_services, Aura_communication_manager, Aura_session_manager, Aura_sip_enablement_services, Aura_system_manager, Aura_system_platform, Voice_portal, Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization, Linux_enterprise_desktop, Linux_enterprise_server | 7.1 | ||
2022-03-30 | CVE-2022-24763 | PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds. | Debian_linux, Pjsip | 7.5 | ||
2022-04-18 | CVE-2020-28603 | Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev(). | Computational_geometry_algorithms_library, Debian_linux | 8.8 | ||
2022-04-18 | CVE-2020-28617 | Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_last(). | Computational_geometry_algorithms_library, Debian_linux | 8.8 | ||
2022-04-18 | CVE-2020-28627 | Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() ch->shell_entry_objects(). | Computational_geometry_algorithms_library, Debian_linux | 8.8 | ||
2022-04-18 | CVE-2020-28635 | Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->facet(). | Computational_geometry_algorithms_library, Debian_linux | 8.8 | ||
2022-08-18 | CVE-2021-32862 | The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer). | Debian_linux, Nbconvert | 5.4 | ||
2022-09-06 | CVE-2022-2735 | A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS. | Pcs, Debian_linux | 7.8 | ||
2022-09-06 | CVE-2022-3134 | Use After Free in GitHub repository vim/vim prior to 9.0.0389. | Debian_linux, Vim | 7.8 | ||
2022-12-20 | CVE-2022-23537 | PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1). | Debian_linux, Pjsip | 9.8 |