Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-09-30 | CVE-2022-41849 | drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. | Debian_linux, Linux_kernel | 4.2 | ||
2022-09-30 | CVE-2022-41850 | roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | Debian_linux, Linux_kernel | 4.7 | ||
2023-01-13 | CVE-2023-23559 | In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | Debian_linux, Linux_kernel, Hci_baseboard_management_controller | 7.8 | ||
2023-04-24 | CVE-2023-31084 | An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. | Debian_linux, Fedora, Linux_kernel, H410c_firmware | 5.5 | ||
2023-07-12 | CVE-2023-3618 | A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | Debian_linux, Libtiff, Enterprise_linux | 6.5 | ||
2016-10-03 | CVE-2016-1243 | Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname. | Debian_linux, Unadf | 9.8 | ||
2016-10-03 | CVE-2016-1244 | The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file. | Debian_linux, Unadf | 8.8 | ||
2022-08-30 | CVE-2022-25857 | The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. | Debian_linux, Snakeyaml | 7.5 | ||
2022-09-05 | CVE-2022-38749 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. | Debian_linux, Snakeyaml | 6.5 | ||
2022-09-05 | CVE-2022-38750 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. | Debian_linux, Snakeyaml | 5.5 |