Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-03-03 | CVE-2023-27561 | runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | Debian_linux, Runc, Enterprise_linux, Openshift_container_platform | 7.0 | ||
2024-04-16 | CVE-2024-21068 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2 and 22; Oracle GraalVM Enterprise Edition: 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for... | Debian_linux, Active_iq_unified_manager, Data_infrastructure_insights_acquisition_unit, Data_infrastructure_insights_storage_workload_security_agent, Oncommand_insight, Oncommand_workflow_automation, Graalvm, Graalvm_for_jdk, Jdk, Jre | N/A | ||
2023-07-20 | CVE-2023-34968 | A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path. | Debian_linux, Fedora, Enterprise_linux, Storage, Samba | 5.3 | ||
2023-08-11 | CVE-2023-39418 | A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows. | Debian_linux, Postgresql, Enterprise_linux | 4.3 | ||
2023-12-18 | CVE-2023-5115 | An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path. | Debian_linux, Ansible_automation_platform, Ansible_developer, Ansible_inside | 6.3 | ||
2023-06-25 | CVE-2023-36664 | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). | Ghostscript, Debian_linux, Fedora | 7.8 | ||
2023-05-30 | CVE-2023-34151 | A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 5.5 | ||
2023-12-18 | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles... | Kitty, Sshd, Sshj, Macos, Asyncssh, Ssh_client, Ssh_server, Sshlib, Thrussh, Crushftp, Debian_linux, Dropbear_ssh, Erlang\/otp, Fedora, Filezilla_client, Freebsd, Security, Crypto, Maverick_synergy_java_ssh_api, Lanconfig, Lcos, Lcos_fx, Lcos_lx, Lcos_sx, Libssh, Libssh2, Jsch, Powershell, Net\-Ssh, Pfsense_ce, Pfsense_plus, Xshell_7, Openssh, Cyclone_ssh, Nova, Transmit_5, Paramiko, Proftpd, Putty, Advanced_cluster_security, Ceph_storage, Cert\-Manager_operator_for_red_hat_openshift, Discovery, Enterprise_linux, Jboss_enterprise_application_platform, Keycloak, Openshift_api_for_data_protection, Openshift_container_platform, Openshift_data_foundation, Openshift_dev_spaces, Openshift_developer_tools_and_services, Openshift_gitops, Openshift_pipelines, Openshift_serverless, Openshift_virtualization, Openstack_platform, Single_sign\-On, Storage, Pkixssh, Russh, Sftpgo, Ssh, Ssh2, Tera_term, Sftp_gateway_firmware, Tinyssh, Ssh2, Securecrt, Winscp | 5.9 | ||
2023-09-21 | CVE-2023-41993 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | Ipados, Iphone_os, Macos, Debian_linux, Fedora, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Oncommand_workflow_automation, Graalvm, Jdk, Jre, Webkitgtk\+ | 8.8 | ||
2023-11-30 | CVE-2023-42916 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. | Ipados, Iphone_os, Macos, Safari, Debian_linux, Fedora, Webkitgtk\+ | 6.5 |