Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
9331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24130 | 3 Debian, Fedoraproject, Invisible-island | 3 Debian Linux, Fedora, Xterm | 2024-11-21 | 5.5 Medium |
| xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | ||||
| CVE-2022-24070 | 5 Apache, Apple, Debian and 2 more | 7 Subversion, Macos, Debian Linux and 4 more | 2024-11-21 | 7.5 High |
| Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. | ||||
| CVE-2022-23960 | 4 Arm, Debian, Redhat and 1 more | 45 Cortex-a57, Cortex-a57 Firmware, Cortex-a65 and 42 more | 2024-11-21 | 5.6 Medium |
| Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. | ||||
| CVE-2022-23959 | 5 Debian, Fedoraproject, Redhat and 2 more | 10 Debian Linux, Fedora, Enterprise Linux and 7 more | 2024-11-21 | 9.1 Critical |
| In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. | ||||
| CVE-2022-23837 | 3 Contribsys, Debian, Redhat | 3 Sidekiq, Debian Linux, Satellite | 2024-11-21 | 7.5 High |
| In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting the Web UI, and makes it unavailable to users. | ||||
| CVE-2022-23833 | 4 Debian, Djangoproject, Fedoraproject and 1 more | 6 Debian Linux, Django, Fedora and 3 more | 2024-11-21 | 7.5 High |
| An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files. | ||||
| CVE-2022-23825 | 5 Amd, Debian, Fedoraproject and 2 more | 253 A10-9600p, A10-9600p Firmware, A10-9630p and 250 more | 2024-11-21 | 6.5 Medium |
| Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | ||||
| CVE-2022-23806 | 4 Debian, Golang, Netapp and 1 more | 14 Debian Linux, Go, Beegfs Csi Driver and 11 more | 2024-11-21 | 9.1 Critical |
| Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | ||||
| CVE-2022-23772 | 4 Debian, Golang, Netapp and 1 more | 13 Debian Linux, Go, Beegfs Csi Driver and 10 more | 2024-11-21 | 7.5 High |
| Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | ||||
| CVE-2022-23648 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Containerd | 2024-11-21 | 7.5 High |
| containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue. | ||||
| CVE-2022-23633 | 3 Debian, Redhat, Rubyonrails | 3 Debian Linux, Satellite, Rails | 2024-11-21 | 7.4 High |
| Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used. | ||||
| CVE-2022-23607 | 2 Debian, Twistedmatrix | 2 Debian Linux, Treq | 2024-11-21 | 6.5 Medium |
| treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and `treq.client.HTTPClient` constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to *every* domain ("supercookies"). This can potentially cause sensitive information to leak upon an HTTP redirect to a different domain., e.g. should `https://example.com` redirect to `http://cloudstorageprovider.com` the latter will receive the cookie `session`. Treq 2021.1.0 and later bind cookies given to request methods (`treq.request`, `treq.get`, `HTTPClient.request`, `HTTPClient.get`, etc.) to the origin of the *url* parameter. Users are advised to upgrade. For users unable to upgrade Instead of passing a dictionary as the *cookies* argument, pass a `http.cookiejar.CookieJar` instance with properly domain- and scheme-scoped cookies in it. | ||||
| CVE-2022-23222 | 5 Debian, Fedoraproject, Linux and 2 more | 22 Debian Linux, Fedora, Linux Kernel and 19 more | 2024-11-21 | 7.8 High |
| kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | ||||
| CVE-2022-23220 | 4 Canonical, Debian, Gentoo and 1 more | 4 Ubuntu Linux, Debian Linux, Linux and 1 more | 2024-11-21 | 7.8 High |
| USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. | ||||
| CVE-2022-23181 | 4 Apache, Debian, Oracle and 1 more | 10 Tomcat, Debian Linux, Agile Engineering Data Management and 7 more | 2024-11-21 | 7.0 High |
| The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. | ||||
| CVE-2022-23098 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 7.5 High |
| An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received. | ||||
| CVE-2022-23097 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 9.1 Critical |
| An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. | ||||
| CVE-2022-23096 | 2 Debian, Intel | 2 Debian Linux, Connman | 2024-11-21 | 9.1 Critical |
| An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. | ||||
| CVE-2022-23094 | 4 Debian, Fedoraproject, Libreswan and 1 more | 5 Debian Linux, Fedora, Libreswan and 2 more | 2024-11-21 | 7.5 High |
| Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. | ||||
| CVE-2022-23042 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-11-21 | 7.0 High |
| Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 | ||||