-
Notifications
You must be signed in to change notification settings - Fork 0
dockerhub.hi.inet evolved 5g certification 8bellsnetapp 8bellsnetapp 8b_netapp
Evolved5G edited this page Oct 23, 2023
·
1 revision
Severity | Number of vulnerabilities |
---|---|
CRITICAL | 88 |
HIGH | 864 |
MEDIUM | 1247 |
LOW | 1433 |
UNKNOWN | 38 |
Severity | ID | Title | PkgName | InstalledVersion | FixedVersion |
---|---|---|---|---|---|
CRITICAL | CVE-2022-32221 | POST following PUT confusion | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
CRITICAL | CVE-2022-1664 | Dpkg::Source::Archive in dpkg, the Debian package management system, b ... | dpkg | 1.19.7 | 1.19.8 |
CRITICAL | CVE-2022-1664 | Dpkg::Source::Archive in dpkg, the Debian package management system, b ... | dpkg-dev | 1.19.7 | 1.19.8 |
CRITICAL | CVE-2022-23521 | git: gitattributes parsing integer overflow | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u7 |
CRITICAL | CVE-2022-41903 | git: Heap overflow in git archive , git log --format leading to RCE |
git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u7 |
CRITICAL | CVE-2022-23521 | git: gitattributes parsing integer overflow | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u7 |
CRITICAL | CVE-2022-41903 | git: Heap overflow in git archive , git log --format leading to RCE |
git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u7 |
CRITICAL | CVE-2021-43400 | bluez: use-after-free in gatt-database.c | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
CRITICAL | CVE-2021-43400 | bluez: use-after-free in gatt-database.c | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
CRITICAL | CVE-2021-33574 | mq_notify does not handle separately allocated thread attributes | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-35942 | Arbitrary read in wordexp() | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23218 | Stack-based buffer overflow in svcunix_create via long pathnames | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23219 | Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-33574 | mq_notify does not handle separately allocated thread attributes | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-35942 | Arbitrary read in wordexp() | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23218 | Stack-based buffer overflow in svcunix_create via long pathnames | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23219 | Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-33574 | mq_notify does not handle separately allocated thread attributes | libc6 | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-35942 | Arbitrary read in wordexp() | libc6 | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23218 | Stack-based buffer overflow in svcunix_create via long pathnames | libc6 | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23219 | Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc6 | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-33574 | mq_notify does not handle separately allocated thread attributes | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2021-35942 | Arbitrary read in wordexp() | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23218 | Stack-based buffer overflow in svcunix_create via long pathnames | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-23219 | Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
CRITICAL | CVE-2022-32221 | POST following PUT confusion | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
CRITICAL | CVE-2022-32221 | POST following PUT confusion | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
CRITICAL | CVE-2022-32221 | POST following PUT confusion | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libdb5.3 | 5.3.28+dfsg1-0.5 | |
CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libdb5.3-dev | 5.3.28+dfsg1-0.5 | |
CRITICAL | CVE-2022-1664 | Dpkg::Source::Archive in dpkg, the Debian package management system, b ... | libdpkg-perl | 1.19.7 | 1.19.8 |
CRITICAL | CVE-2022-22822 | Integer overflow in addBinding in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-22823 | Integer overflow in build_model in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-22824 | Integer overflow in defineAttribute in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-23852 | Integer overflow in function XML_GetBuffer | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-25235 | Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-25236 | prefix]" attribute values can lead to arbitrary code execution | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-25315 | Integer overflow in storeRawNames() | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-22822 | Integer overflow in addBinding in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-22823 | Integer overflow in build_model in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-22824 | Integer overflow in defineAttribute in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-23852 | Integer overflow in function XML_GetBuffer | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
CRITICAL | CVE-2022-25235 | Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-25236 | prefix]" attribute values can lead to arbitrary code execution | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-25315 | Integer overflow in storeRawNames() | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
CRITICAL | CVE-2022-27404 | Buffer overflow in sfnt_init_face | libfreetype6 | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
CRITICAL | CVE-2022-27404 | Buffer overflow in sfnt_init_face | libfreetype6-dev | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
CRITICAL | CVE-2022-3515 | integer overflow may lead to remote code execution | libksba8 | 1.3.5-2 | 1.3.5-2+deb10u1 |
CRITICAL | CVE-2022-47629 | integer overflow to code execution | libksba8 | 1.3.5-2 | 1.3.5-2+deb10u2 |
CRITICAL | CVE-2022-29155 | OpenLDAP SQL injection | libldap-2.4-2 | 2.4.47+dfsg-3+deb10u6 | 2.4.47+dfsg-3+deb10u7 |
CRITICAL | CVE-2022-29155 | OpenLDAP SQL injection | libldap-common | 2.4.47+dfsg-3+deb10u6 | 2.4.47+dfsg-3+deb10u7 |
CRITICAL | CVE-2022-1586 | Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c | libpcre2-8-0 | 10.32-5 | 10.32-5+deb10u1 |
CRITICAL | CVE-2022-1587 | Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c | libpcre2-8-0 | 10.32-5 | 10.32-5+deb10u1 |
CRITICAL | CVE-2021-3177 | Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
CRITICAL | CVE-2021-3177 | Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
CRITICAL | CVE-2022-37454 | buffer overflow in the SHA-3 reference implementation | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u4 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
CRITICAL | CVE-2022-37454 | buffer overflow in the SHA-3 reference implementation | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u4 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
CRITICAL | CVE-2020-35527 | Out of bounds access during table rename | libsqlite3-0 | 3.27.2-3+deb10u1 | 3.27.2-3+deb10u2 |
CRITICAL | CVE-2020-35527 | Out of bounds access during table rename | libsqlite3-dev | 3.27.2-3+deb10u1 | 3.27.2-3+deb10u2 |
CRITICAL | CVE-2021-3711 | SM2 Decryption Buffer Overflow | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
CRITICAL | CVE-2022-1292 | c_rehash script allows command injection | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u2 |
CRITICAL | CVE-2022-2068 | the c_rehash script allows command injection | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u3 |
CRITICAL | CVE-2021-3711 | SM2 Decryption Buffer Overflow | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
CRITICAL | CVE-2022-1292 | c_rehash script allows command injection | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u2 |
CRITICAL | CVE-2022-2068 | the c_rehash script allows command injection | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u3 |
CRITICAL | CVE-2021-46848 | Out-of-bound access in ETYPE_OK | libtasn1-6 | 4.13-3 | 4.13-3+deb10u1 |
CRITICAL | CVE-2021-46848 | Out-of-bound access in ETYPE_OK | libtasn1-6-dev | 4.13-3 | 4.13-3+deb10u1 |
CRITICAL | CVE-2023-45871 | IGB driver inadequate buffer size for frames larger than MTU | linux-libc-dev | 4.19.194-1 | |
CRITICAL | CVE-2023-38408 | Remote code execution in ssh-agent PKCS#11 support | openssh-client | 1:7.9p1-10+deb10u2 | 1:7.9p1-10+deb10u3 |
CRITICAL | CVE-2021-3711 | SM2 Decryption Buffer Overflow | openssl | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
CRITICAL | CVE-2022-1292 | c_rehash script allows command injection | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u2 |
CRITICAL | CVE-2022-2068 | the c_rehash script allows command injection | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u3 |
CRITICAL | CVE-2021-3177 | Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
CRITICAL | CVE-2021-3177 | Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
CRITICAL | CVE-2022-37454 | buffer overflow in the SHA-3 reference implementation | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u4 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
CRITICAL | CVE-2022-37454 | buffer overflow in the SHA-3 reference implementation | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u4 |
CRITICAL | CVE-2022-48565 | XML External Entity in XML processing plistlib module | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
CRITICAL | CVE-2022-37434 | heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra fie | zlib1g | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u2 |
CRITICAL | CVE-2023-45853 | integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 | zlib1g | 1:1.2.11.dfsg-1 | |
CRITICAL | CVE-2022-37434 | heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra fie | zlib1g-dev | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u2 |
CRITICAL | CVE-2023-45853 | integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 | zlib1g-dev | 1:1.2.11.dfsg-1 | |
HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | comerr-dev | 2.1-1.44.5-1+deb10u3 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | cpp-8 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | cpp-8 | 8.3.0-6 | |
HIGH | CVE-2021-22946 | Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27781 | CERTINFO never-ending busy-loop | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27782 | TLS and SSH connection too eager reuse | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2023-27533 | TELNET option IAC injection | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
HIGH | CVE-2023-27534 | SFTP path ~ resolving discrepancy | curl | 7.64.0-4+deb10u2 | |
HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | e2fsprogs | 1.44.5-1+deb10u3 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | g++-8 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | g++-8 | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | gcc-8 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | gcc-8 | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | gcc-8-base | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | gcc-8-base | 8.3.0-6 | |
HIGH | CVE-2021-21300 | remote code execution during clone operation on case-insensitive filesystems | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u4 |
HIGH | CVE-2021-40330 | unexpected cross-protocol requests via a repository path containing a newline character | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u4 |
HIGH | CVE-2022-24765 | On multi-user machines Git users might find themselves unexpectedly in a Git worktree | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2022-29187 | Bypass of safe.directory protections | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2022-39260 | git shell function that splits command arguments can lead to arbitrary heap writes. | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2023-23946 | a path outside the working tree can be overwritten with crafted input | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u8 |
HIGH | CVE-2023-25652 | by feeding specially crafted input to git apply --reject , a path outside the working tree can be o |
git | 1:2.20.1-2+deb10u3 | |
HIGH | CVE-2023-29007 | arbitrary configuration injection when renaming or deleting a section from a configuration file | git | 1:2.20.1-2+deb10u3 | |
HIGH | CVE-2021-21300 | remote code execution during clone operation on case-insensitive filesystems | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u4 |
HIGH | CVE-2021-40330 | unexpected cross-protocol requests via a repository path containing a newline character | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u4 |
HIGH | CVE-2022-24765 | On multi-user machines Git users might find themselves unexpectedly in a Git worktree | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2022-29187 | Bypass of safe.directory protections | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2022-39260 | git shell function that splits command arguments can lead to arbitrary heap writes. | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
HIGH | CVE-2023-23946 | a path outside the working tree can be overwritten with crafted input | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u8 |
HIGH | CVE-2023-25652 | by feeding specially crafted input to git apply --reject , a path outside the working tree can be o |
git-man | 1:2.20.1-2+deb10u3 | |
HIGH | CVE-2023-29007 | arbitrary configuration injection when renaming or deleting a section from a configuration file | git-man | 1:2.20.1-2+deb10u3 | |
HIGH | CVE-2022-1271 | arbitrary-file-write vulnerability | gzip | 1.9-3 | 1.9-3+deb10u1 |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | krb5-multidev | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | krb5-multidev | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libasan5 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libasan5 | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libatomic1 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libatomic1 | 8.3.0-6 | |
HIGH | CVE-2019-8922 | heap-based buffer overflow via crafted request | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2020-27153 | bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
HIGH | CVE-2022-0204 | heap-based buffer overflow in the implementation of the gatt protocol | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2022-39176 | BlueZ allows physically proximate attackers to obtain sensitive information because profiles/audio/a | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2022-39177 | BlueZ allows physically proximate attackers to cause a denial of service because malformed and inval | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2019-8922 | heap-based buffer overflow via crafted request | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2020-27153 | bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
HIGH | CVE-2022-0204 | heap-based buffer overflow in the implementation of the gatt protocol | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2022-39176 | BlueZ allows physically proximate attackers to obtain sensitive information because profiles/audio/a | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2022-39177 | BlueZ allows physically proximate attackers to cause a denial of service because malformed and inval | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc-bin | 2.28-10 | |
HIGH | CVE-2020-1752 | use-after-free in glob() function when expanding ~user | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3326 | Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3999 | Off-by-one buffer overflow/underflow in getcwd() | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc-dev-bin | 2.28-10 | |
HIGH | CVE-2020-1752 | use-after-free in glob() function when expanding ~user | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3326 | Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3999 | Off-by-one buffer overflow/underflow in getcwd() | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc6 | 2.28-10 | |
HIGH | CVE-2020-1752 | use-after-free in glob() function when expanding ~user | libc6 | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc6 | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3326 | Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc6 | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3999 | Off-by-one buffer overflow/underflow in getcwd() | libc6 | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc6-dev | 2.28-10 | |
HIGH | CVE-2020-1752 | use-after-free in glob() function when expanding ~user | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3326 | Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2021-3999 | Off-by-one buffer overflow/underflow in getcwd() | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libcc1-0 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libcc1-0 | 8.3.0-6 | |
HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libcom-err2 | 1.44.5-1+deb10u3 | |
HIGH | CVE-2021-22946 | Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27781 | CERTINFO never-ending busy-loop | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27782 | TLS and SSH connection too eager reuse | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2023-27533 | TELNET option IAC injection | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
HIGH | CVE-2023-27534 | SFTP path ~ resolving discrepancy | libcurl3-gnutls | 7.64.0-4+deb10u2 | |
HIGH | CVE-2021-22946 | Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27781 | CERTINFO never-ending busy-loop | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27782 | TLS and SSH connection too eager reuse | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2023-27533 | TELNET option IAC injection | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
HIGH | CVE-2023-27534 | SFTP path ~ resolving discrepancy | libcurl4 | 7.64.0-4+deb10u2 | |
HIGH | CVE-2021-22946 | Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27781 | CERTINFO never-ending busy-loop | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2022-27782 | TLS and SSH connection too eager reuse | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
HIGH | CVE-2023-27533 | TELNET option IAC injection | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
HIGH | CVE-2023-27534 | SFTP path ~ resolving discrepancy | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | |
HIGH | CVE-2020-21598 | libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
HIGH | CVE-2021-36409 | There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
HIGH | CVE-2022-47655 | Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_q ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
HIGH | CVE-2022-47664 | Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qp ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
HIGH | CVE-2022-47665 | Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
HIGH | CVE-2023-25221 | Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vuln ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
HIGH | CVE-2023-27103 | Libde265 v1.0.11 was discovered to contain a heap buffer overflow via ... | libde265-0 | 1.0.3-1+b1 | |
HIGH | CVE-2019-18804 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32490 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds wri ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32491 | A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32492 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds rea ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32493 | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overfl ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-3500 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2019-18804 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32490 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds wri ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32491 | A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32492 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds rea ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32493 | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overfl ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-3500 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2019-18804 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32490 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds wri ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32491 | A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32492 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds rea ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-32493 | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overfl ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-3500 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
HIGH | CVE-2021-45960 | Large number of prefixed XML attributes on a single tag can crash libexpat | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2021-46143 | Integer overflow in doProlog in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22825 | Integer overflow in lookup in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22826 | Integer overflow in nextScaffoldPart in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22827 | Integer overflow in storeAtts in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-23990 | integer overflow in the doProlog function | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-25314 | Integer overflow in copyString() | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
HIGH | CVE-2022-40674 | a use-after-free in the doContent function in xmlparse.c | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u5 |
HIGH | CVE-2022-43680 | use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u6 |
HIGH | CVE-2021-45960 | Large number of prefixed XML attributes on a single tag can crash libexpat | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2021-46143 | Integer overflow in doProlog in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22825 | Integer overflow in lookup in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22826 | Integer overflow in nextScaffoldPart in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-22827 | Integer overflow in storeAtts in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-23990 | integer overflow in the doProlog function | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u2 |
HIGH | CVE-2022-25314 | Integer overflow in copyString() | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
HIGH | CVE-2022-40674 | a use-after-free in the doContent function in xmlparse.c | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u5 |
HIGH | CVE-2022-43680 | use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u6 |
HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libext2fs2 | 1.44.5-1+deb10u3 | |
HIGH | CVE-2022-27405 | Segmentation violation via FNT_Size_Request | libfreetype6 | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
HIGH | CVE-2022-27406 | Segmentation violation via FT_Request_Size | libfreetype6 | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
HIGH | CVE-2022-27405 | Segmentation violation via FNT_Size_Request | libfreetype6-dev | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
HIGH | CVE-2022-27406 | Segmentation violation via FT_Request_Size | libfreetype6-dev | 2.9.1-3+deb10u2 | 2.9.1-3+deb10u3 |
HIGH | CVE-2022-25308 | fribidi: Stack based buffer overflow | libfribidi0 | 1.0.5-3.1+deb10u1 | 1.0.5-3.1+deb10u2 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgcc-8-dev | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libgcc-8-dev | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgcc1 | 1:8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libgcc1 | 1:8.3.0-6 | |
HIGH | CVE-2021-33560 | mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack ag | libgcrypt20 | 1.8.4-5+deb10u1 | |
HIGH | CVE-2023-29499 | GVariant offset table entry size is not checked in is_normal() | libglib2.0-0 | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
HIGH | CVE-2023-29499 | GVariant offset table entry size is not checked in is_normal() | libglib2.0-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
HIGH | CVE-2023-29499 | GVariant offset table entry size is not checked in is_normal() | libglib2.0-data | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
HIGH | CVE-2023-29499 | GVariant offset table entry size is not checked in is_normal() | libglib2.0-dev | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
HIGH | CVE-2023-29499 | GVariant offset table entry size is not checked in is_normal() | libglib2.0-dev-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
HIGH | CVE-2021-43618 | Integer overflow and resultant buffer overflow via crafted input | libgmp-dev | 2:6.1.2+dfsg-4 | 2:6.1.2+dfsg-4+deb10u1 |
HIGH | CVE-2021-43618 | Integer overflow and resultant buffer overflow via crafted input | libgmp10 | 2:6.1.2+dfsg-4 | 2:6.1.2+dfsg-4+deb10u1 |
HIGH | CVE-2021-43618 | Integer overflow and resultant buffer overflow via crafted input | libgmpxx4ldbl | 2:6.1.2+dfsg-4 | 2:6.1.2+dfsg-4+deb10u1 |
HIGH | CVE-2022-2509 | Double free during gnutls_pkcs7_verify | libgnutls-dane0 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
HIGH | CVE-2023-0361 | timing side-channel in the TLS RSA key exchange code | libgnutls-dane0 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u10 |
HIGH | CVE-2022-2509 | Double free during gnutls_pkcs7_verify | libgnutls-openssl27 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
HIGH | CVE-2023-0361 | timing side-channel in the TLS RSA key exchange code | libgnutls-openssl27 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u10 |
HIGH | CVE-2022-2509 | Double free during gnutls_pkcs7_verify | libgnutls28-dev | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
HIGH | CVE-2023-0361 | timing side-channel in the TLS RSA key exchange code | libgnutls28-dev | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u10 |
HIGH | CVE-2022-2509 | Double free during gnutls_pkcs7_verify | libgnutls30 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
HIGH | CVE-2023-0361 | timing side-channel in the TLS RSA key exchange code | libgnutls30 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u10 |
HIGH | CVE-2022-2509 | Double free during gnutls_pkcs7_verify | libgnutlsxx28 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
HIGH | CVE-2023-0361 | timing side-channel in the TLS RSA key exchange code | libgnutlsxx28 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u10 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgomp1 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libgomp1 | 8.3.0-6 | |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libgssapi-krb5-2 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libgssapi-krb5-2 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libgssrpc4 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libgssrpc4 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2023-25193 | allows attackers to trigger O(n^2) growth via consecutive marks | libharfbuzz0b | 2.3.1-1 | |
HIGH | CVE-2020-19498 | Floating point exception in function Fraction in libheif 1.4.0, allows ... | libheif1 | 1.3.2-2~deb10u1 | |
HIGH | CVE-2020-19499 | An issue was discovered in heif::Box_iref::get_references in libheif 1 ... | libheif1 | 1.3.2-2~deb10u1 | |
HIGH | CVE-2020-23109 | Buffer overflow vulnerability in function convert_colorspace in heif_c ... | libheif1 | 1.3.2-2~deb10u1 | |
HIGH | CVE-2023-0996 | There is a vulnerability in the strided image data parsing code in the ... | libheif1 | 1.3.2-2~deb10u1 | |
HIGH | CVE-2019-12290 | GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... | libidn2-0 | 2.0.5-1+deb10u1 | |
HIGH | CVE-2019-12290 | GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... | libidn2-dev | 2.0.5-1+deb10u1 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libitm1 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libitm1 | 8.3.0-6 | |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libk5crypto3 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libk5crypto3 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkadm5clnt-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkadm5clnt-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkadm5srv-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkadm5srv-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkdb5-9 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkdb5-9 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkrb5-3 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkrb5-3 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkrb5-dev | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkrb5-dev | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkrb5support0 | 1.17-3+deb10u1 | 1.17-3+deb10u2 |
HIGH | CVE-2022-42898 | integer overflow vulnerabilities in PAC parsing | libkrb5support0 | 1.17-3+deb10u1 | 1.17-3+deb10u5 |
HIGH | CVE-2023-2953 | null pointer dereference in ber_memalloc_x function | libldap-2.4-2 | 2.4.47+dfsg-3+deb10u6 | |
HIGH | CVE-2023-2953 | null pointer dereference in ber_memalloc_x function | libldap-common | 2.4.47+dfsg-3+deb10u6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | liblsan0 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | liblsan0 | 8.3.0-6 | |
HIGH | CVE-2022-1271 | arbitrary-file-write vulnerability | liblzma-dev | 5.2.4-1 | 5.2.4-1+deb10u1 |
HIGH | CVE-2022-1271 | arbitrary-file-write vulnerability | liblzma5 | 5.2.4-1 | 5.2.4-1+deb10u1 |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-19667 | Stack buffer overflow in XPM coder could result in a crash | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-27752 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2020-27766 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2020-29599 | ImageMagick: Shell injection via PDF password could result in arbitrary code execution | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
HIGH | CVE-2021-20309 | ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20312 | ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-20313 | ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signatur | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2021-40211 | Division by zero in ReadEnhMetaFile lead to DoS | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-1114 | ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2022-28463 | ImageMagick: heap-buffer-overflow in PushLongPixel() of quantum-private.h | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32545 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/psd.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32546 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/pcl.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-32547 | ImageMagick: load of misaligned address at MagickCore/property.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
HIGH | CVE-2022-48541 | A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote att ... | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
HIGH | CVE-2021-46669 | mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-24048 | mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixe | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24050 | mariadb: lack of validating the existence of an object prior to performing operations on the object | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24051 | mariadb: lack of proper validation of a user-supplied string before using it as a format specifier | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24052 | mariadb: CONNECT storage engine heap-based buffer overflow | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-27376 | mariadb: assertion failure in Item_args::walk_arg | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27377 | mariadb: use-after-poison when complex conversion is involved in blob | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27378 | mariadb: server crash in create_tmp_table::finalize | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27379 | mariadb: server crash in component arg_comparator::compare_real_fixed | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27380 | mariadb: server crash at my_decimal::operator= | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27381 | mariadb: server crash at Field::set_default via specially crafted SQL statements | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27383 | mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27384 | mariadb: crash via component Item_subselect::init_expr_cache_tracker | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27386 | mariadb: server crashes in query_arena::set_query_arena upon SELECT from view | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27387 | mariadb: assertion failures in decimal_bin_size | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27445 | mariadb: assertion failure in compare_order_elements | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27447 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27448 | mariadb: crash in multi-update and implicit grouping | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27449 | mariadb: assertion failure in sql/item_func.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27452 | mariadb: assertion failure in sql/item_cmpfunc.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27456 | mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27458 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32083 | mariadb: server crash at Item_subselect::init_expr_cache_tracker | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32084 | segmentation fault via the component sub_select | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32085 | mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32087 | mariadb: server crash in Item_args::walk_args | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32088 | mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32091 | free or in copy_fields | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2021-46669 | mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-24048 | mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixe | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24050 | mariadb: lack of validating the existence of an object prior to performing operations on the object | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24051 | mariadb: lack of proper validation of a user-supplied string before using it as a format specifier | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24052 | mariadb: CONNECT storage engine heap-based buffer overflow | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-27376 | mariadb: assertion failure in Item_args::walk_arg | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27377 | mariadb: use-after-poison when complex conversion is involved in blob | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27378 | mariadb: server crash in create_tmp_table::finalize | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27379 | mariadb: server crash in component arg_comparator::compare_real_fixed | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27380 | mariadb: server crash at my_decimal::operator= | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27381 | mariadb: server crash at Field::set_default via specially crafted SQL statements | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27383 | mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27384 | mariadb: crash via component Item_subselect::init_expr_cache_tracker | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27386 | mariadb: server crashes in query_arena::set_query_arena upon SELECT from view | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27387 | mariadb: assertion failures in decimal_bin_size | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27445 | mariadb: assertion failure in compare_order_elements | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27447 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27448 | mariadb: crash in multi-update and implicit grouping | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27449 | mariadb: assertion failure in sql/item_func.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27452 | mariadb: assertion failure in sql/item_cmpfunc.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27456 | mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27458 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32083 | mariadb: server crash at Item_subselect::init_expr_cache_tracker | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32084 | segmentation fault via the component sub_select | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32085 | mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32087 | mariadb: server crash in Item_args::walk_args | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32088 | mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32091 | free or in copy_fields | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2021-46669 | mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-24048 | mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixe | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24050 | mariadb: lack of validating the existence of an object prior to performing operations on the object | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24051 | mariadb: lack of proper validation of a user-supplied string before using it as a format specifier | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24052 | mariadb: CONNECT storage engine heap-based buffer overflow | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-27376 | mariadb: assertion failure in Item_args::walk_arg | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27377 | mariadb: use-after-poison when complex conversion is involved in blob | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27378 | mariadb: server crash in create_tmp_table::finalize | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27379 | mariadb: server crash in component arg_comparator::compare_real_fixed | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27380 | mariadb: server crash at my_decimal::operator= | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27381 | mariadb: server crash at Field::set_default via specially crafted SQL statements | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27383 | mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27384 | mariadb: crash via component Item_subselect::init_expr_cache_tracker | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27386 | mariadb: server crashes in query_arena::set_query_arena upon SELECT from view | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27387 | mariadb: assertion failures in decimal_bin_size | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27445 | mariadb: assertion failure in compare_order_elements | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27447 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27448 | mariadb: crash in multi-update and implicit grouping | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27449 | mariadb: assertion failure in sql/item_func.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27452 | mariadb: assertion failure in sql/item_cmpfunc.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27456 | mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27458 | mariadb: use-after-poison in Binary_string::free_buffer | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32083 | mariadb: server crash at Item_subselect::init_expr_cache_tracker | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32084 | segmentation fault via the component sub_select | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32085 | mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32087 | mariadb: server crash in Item_args::walk_args | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32088 | mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32091 | free or in copy_fields | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libmpx2 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libmpx2 | 8.3.0-6 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | libncurses-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncurses-dev | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | libncurses5-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncurses5-dev | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | libncurses6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncurses6 | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | libncursesw5-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncursesw5-dev | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | libncursesw6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncursesw6 | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2020-11080 | overly large SETTINGS frames can lead to DoS | libnghttp2-14 | 1.36.0-2+deb10u1 | 1.36.0-2+deb10u2 |
HIGH | CVE-2023-44487 | Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) | libnghttp2-14 | 1.36.0-2+deb10u1 | 1.36.0-2+deb10u2 |
HIGH | CVE-2021-20298 | OpenEXR: Out-of-memory in B44Compressor | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
HIGH | CVE-2021-20299 | OpenEXR: Null-dereference READ in Imf_2_5::Header::operator | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
HIGH | CVE-2021-20298 | OpenEXR: Out-of-memory in B44Compressor | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
HIGH | CVE-2021-20299 | OpenEXR: Null-dereference READ in Imf_2_5::Header::operator | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
HIGH | CVE-2021-3575 | openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution | libopenjp2-7 | 2.3.0-2+deb10u2 | |
HIGH | CVE-2021-3575 | openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution | libopenjp2-7-dev | 2.3.0-2+deb10u2 | |
HIGH | CVE-2019-20454 | pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode | libpcre2-8-0 | 10.32-5 | 10.32-5+deb10u1 |
HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | libperl5.28 | 5.28.1-6+deb10u1 | |
HIGH | CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS | libperl5.28 | 5.28.1-6+deb10u1 | |
HIGH | CVE-2022-44638 | Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write | libpixman-1-0 | 0.36.0-1 | 0.36.0-1+deb10u1 |
HIGH | CVE-2022-44638 | Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write | libpixman-1-dev | 0.36.0-1 | 0.36.0-1+deb10u1 |
HIGH | CVE-2021-23214 | server processes unencrypted bytes from man-in-the-middle | libpq-dev | 11.12-0+deb10u1 | 11.14-0+deb10u1 |
HIGH | CVE-2022-1552 | Autovacuum, REINDEX, and others omit "security restricted operation" sandbox | libpq-dev | 11.12-0+deb10u1 | 11.16-0+deb10u1 |
HIGH | CVE-2022-2625 | Extension scripts replace objects not belonging to the extension. | libpq-dev | 11.12-0+deb10u1 | 11.17-0+deb10u1 |
HIGH | CVE-2023-2454 | schema_element defeats protective search_path changes | libpq-dev | 11.12-0+deb10u1 | 11.20-0+deb10u1 |
HIGH | CVE-2023-39417 | extension script @substitutions@ within quoting allow SQL injection | libpq-dev | 11.12-0+deb10u1 | 11.21-0+deb10u2 |
HIGH | CVE-2021-23214 | server processes unencrypted bytes from man-in-the-middle | libpq5 | 11.12-0+deb10u1 | 11.14-0+deb10u1 |
HIGH | CVE-2022-1552 | Autovacuum, REINDEX, and others omit "security restricted operation" sandbox | libpq5 | 11.12-0+deb10u1 | 11.16-0+deb10u1 |
HIGH | CVE-2022-2625 | Extension scripts replace objects not belonging to the extension. | libpq5 | 11.12-0+deb10u1 | 11.17-0+deb10u1 |
HIGH | CVE-2023-2454 | schema_element defeats protective search_path changes | libpq5 | 11.12-0+deb10u1 | 11.20-0+deb10u1 |
HIGH | CVE-2023-39417 | extension script @substitutions@ within quoting allow SQL injection | libpq5 | 11.12-0+deb10u1 | 11.21-0+deb10u2 |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2019-20907 | infinite loop in the tarfile module via crafted TAR archive | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | libpython2.7-minimal | 2.7.16-2+deb10u1 | |
HIGH | CVE-2020-26116 | CRLF injection via HTTP request method in httplib/http.client | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2019-20907 | infinite loop in the tarfile module via crafted TAR archive | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | libpython2.7-stdlib | 2.7.16-2+deb10u1 | |
HIGH | CVE-2020-26116 | CRLF injection via HTTP request method in httplib/http.client | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython3.7-minimal | 3.7.3-2+deb10u3 | |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | libpython3.7-minimal | 3.7.3-2+deb10u3 | |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython3.7-stdlib | 3.7.3-2+deb10u3 | |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | libpython3.7-stdlib | 3.7.3-2+deb10u3 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libquadmath0 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libquadmath0 | 8.3.0-6 | |
HIGH | CVE-2022-24407 | failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands | libsasl2-2 | 2.1.27+dfsg-1+deb10u1 | 2.1.27+dfsg-1+deb10u2 |
HIGH | CVE-2022-24407 | failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands | libsasl2-modules-db | 2.1.27+dfsg-1+deb10u1 | 2.1.27+dfsg-1+deb10u2 |
HIGH | CVE-2019-19603 | mishandling of certain SELECT statements with non-existent VIEW can lead to DoS | libsqlite3-0 | 3.27.2-3+deb10u1 | |
HIGH | CVE-2020-35525 | Null pointer derreference in src/select.c | libsqlite3-0 | 3.27.2-3+deb10u1 | 3.27.2-3+deb10u2 |
HIGH | CVE-2021-31239 | denial of service via the appendvfs.c function | libsqlite3-0 | 3.27.2-3+deb10u1 | |
HIGH | CVE-2019-19603 | mishandling of certain SELECT statements with non-existent VIEW can lead to DoS | libsqlite3-dev | 3.27.2-3+deb10u1 | |
HIGH | CVE-2020-35525 | Null pointer derreference in src/select.c | libsqlite3-dev | 3.27.2-3+deb10u1 | 3.27.2-3+deb10u2 |
HIGH | CVE-2021-31239 | denial of service via the appendvfs.c function | libsqlite3-dev | 3.27.2-3+deb10u1 | |
HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libss2 | 1.44.5-1+deb10u3 | |
HIGH | CVE-2019-13115 | integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to o | libssh2-1 | 1.8.0-2.1 | 1.8.0-2.1+deb10u1 |
HIGH | CVE-2019-17498 | integer overflow in SSH_MSG_DISCONNECT logic in packet.c | libssh2-1 | 1.8.0-2.1 | 1.8.0-2.1+deb10u1 |
HIGH | CVE-2020-22218 | use-of-uninitialized-value in _libssh2_transport_read | libssh2-1 | 1.8.0-2.1 | 1.8.0-2.1+deb10u1 |
HIGH | CVE-2021-3712 | Read buffer overruns processing ASN.1 strings | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
HIGH | CVE-2022-0778 | Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
HIGH | CVE-2022-4450 | double free after calling PEM_read_bio_ex | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0215 | use-after-free following BIO_new_NDEF | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0286 | X.400 address type confusion in X.509 GeneralName | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0464 | Denial of service by excessive resource usage in verifying X509 policy constraints | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
HIGH | CVE-2021-3712 | Read buffer overruns processing ASN.1 strings | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
HIGH | CVE-2022-0778 | Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
HIGH | CVE-2022-4450 | double free after calling PEM_read_bio_ex | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0215 | use-after-free following BIO_new_NDEF | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0286 | X.400 address type confusion in X.509 GeneralName | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0464 | Denial of service by excessive resource usage in verifying X509 policy constraints | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libstdc++-8-dev | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libstdc++-8-dev | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libstdc++6 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libstdc++6 | 8.3.0-6 | |
HIGH | CVE-2022-24070 | subversion: Subversion's mod_dav_svn is vulnerable to memory corruption | libsvn1 | 1.10.4-1+deb10u2 | 1.10.4-1+deb10u3 |
HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libsystemd0 | 241-7~deb10u7 | |
HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libsystemd0 | 241-7~deb10u7 | |
HIGH | CVE-2023-26604 | privilege escalation via the less pager | libsystemd0 | 241-7~deb10u7 | 241-7~deb10u9 |
HIGH | CVE-2022-0891 | libtiff: heap buffer overflow in extractImageSection | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
HIGH | CVE-2022-3970 | integer overflow in function TIFFReadRGBATileExt of the file | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
HIGH | CVE-2023-25434 | heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
HIGH | CVE-2022-0891 | libtiff: heap buffer overflow in extractImageSection | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
HIGH | CVE-2022-3970 | integer overflow in function TIFFReadRGBATileExt of the file | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
HIGH | CVE-2023-25434 | heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
HIGH | CVE-2022-0891 | libtiff: heap buffer overflow in extractImageSection | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
HIGH | CVE-2022-3970 | integer overflow in function TIFFReadRGBATileExt of the file | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
HIGH | CVE-2023-25434 | heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
HIGH | CVE-2022-29458 | segfaulting OOB read | libtinfo6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libtinfo6 | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libtsan0 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libtsan0 | 8.3.0-6 | |
HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libubsan1 | 8.3.0-6 | |
HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libubsan1 | 8.3.0-6 | |
HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libudev1 | 241-7~deb10u7 | |
HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libudev1 | 241-7~deb10u7 | |
HIGH | CVE-2023-26604 | privilege escalation via the less pager | libudev1 | 241-7~deb10u7 | 241-7~deb10u9 |
HIGH | CVE-2022-3204 | NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack) | libunbound8 | 1.9.0-2+deb10u2 | 1.9.0-2+deb10u3 |
HIGH | CVE-2023-1999 | Double-free in libwebp | libwebp-dev | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u2 |
HIGH | CVE-2023-4863 | Heap buffer overflow in WebP Codec | libwebp-dev | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u3 |
HIGH | CVE-2023-1999 | Double-free in libwebp | libwebp6 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u2 |
HIGH | CVE-2023-4863 | Heap buffer overflow in WebP Codec | libwebp6 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u3 |
HIGH | CVE-2023-1999 | Double-free in libwebp | libwebpdemux2 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u2 |
HIGH | CVE-2023-4863 | Heap buffer overflow in WebP Codec | libwebpdemux2 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u3 |
HIGH | CVE-2023-1999 | Double-free in libwebp | libwebpmux3 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u2 |
HIGH | CVE-2023-4863 | Heap buffer overflow in WebP Codec | libwebpmux3 | 0.6.1-2+deb10u1 | 0.6.1-2+deb10u3 |
HIGH | CVE-2023-3138 | InitExt.c can overwrite unintended portions of the Display structure if the extension request leads | libx11-6 | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u3 |
HIGH | CVE-2023-43787 | integer overflow in XCreateImage() leading to a heap overflow | libx11-6 | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
HIGH | CVE-2023-3138 | InitExt.c can overwrite unintended portions of the Display structure if the extension request leads | libx11-data | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u3 |
HIGH | CVE-2023-43787 | integer overflow in XCreateImage() leading to a heap overflow | libx11-data | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
HIGH | CVE-2023-3138 | InitExt.c can overwrite unintended portions of the Display structure if the extension request leads | libx11-dev | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u3 |
HIGH | CVE-2023-43787 | integer overflow in XCreateImage() leading to a heap overflow | libx11-dev | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
HIGH | CVE-2017-16932 | libxml2: Infinite recursion in parameter entities | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
HIGH | CVE-2022-2309 | lxml: NULL Pointer Dereference in lxml | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
HIGH | CVE-2022-23308 | Use-after-free of ID and IDREF attributes | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u3 |
HIGH | CVE-2022-40303 | integer overflows with XML_PARSE_HUGE | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u5 |
HIGH | CVE-2022-40304 | dict corruption caused by entity reference cycles | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u5 |
HIGH | CVE-2017-16932 | libxml2: Infinite recursion in parameter entities | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
HIGH | CVE-2022-2309 | lxml: NULL Pointer Dereference in lxml | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
HIGH | CVE-2022-23308 | Use-after-free of ID and IDREF attributes | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u3 |
HIGH | CVE-2022-40303 | integer overflows with XML_PARSE_HUGE | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u5 |
HIGH | CVE-2022-40304 | dict corruption caused by entity reference cycles | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u5 |
HIGH | CVE-2019-5815 | chromium-browser: Heap buffer overflow in Blink | libxslt1-dev | 1.1.32-2.2~deb10u1 | 1.1.32-2.2~deb10u2 |
HIGH | CVE-2021-30560 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... | libxslt1-dev | 1.1.32-2.2~deb10u1 | 1.1.32-2.2~deb10u2 |
HIGH | CVE-2019-5815 | chromium-browser: Heap buffer overflow in Blink | libxslt1.1 | 1.1.32-2.2~deb10u1 | 1.1.32-2.2~deb10u2 |
HIGH | CVE-2021-30560 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... | libxslt1.1 | 1.1.32-2.2~deb10u1 | 1.1.32-2.2~deb10u2 |
HIGH | CVE-2013-7445 | kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2019-19449 | kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_ | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2019-19814 | kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2020-12362 | Integer overflow in Intel(R) Graphics Drivers | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2020-16119 | kernel: DCCP CCID structure use-after-free may lead to DoS or code execution | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2020-36385 | kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-20322 | kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-22543 | kernel: Improper handling of VM_IO | VM_PFNMAP vmas in KVM can bypass RO checks | linux-libc-dev | 4.19.194-1 |
HIGH | CVE-2021-22600 | double free in packet_set_ring() in net/packet/af_packet.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-33909 | kernel: size_t-to-int conversion vulnerability in the filesystem layer | linux-libc-dev | 4.19.194-1 | 4.19.194-3 |
HIGH | CVE-2021-3444 | bpf verifier incorrect mod32 truncation | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3493 | kernel: overlayfs file system caps privilege escalation | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-35039 | kernel: allows loading unsigned kernel modules via init_module syscall | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3600 | kernel: eBPF 32-bit source register truncation on div/mod | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3609 | kernel: race condition in net/can/bcm.c leads to local privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.194-3 |
HIGH | CVE-2021-3612 | kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3640 | use-after-free vulnerability in function sco_sock_sendmsg() | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-3653 | kernel: SVM nested virtualization issue in KVM (AVIC support) | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3656 | kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3743 | out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3752 | possible use-after-free in bluetooth module | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-37576 | kernel: powerpc: KVM guest OS users can cause host OS memory corruption | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-3760 | kernel: nfc: Use-After-Free vulnerability of ndev->rf_conn_info object | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-38160 | kernel: data corruption or loss can be triggered by an untrusted device that supplies a buf->len val | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-38207 | kernel: buffer overflow in drivers/net/ethernet/xilinx/ll_temac_main.c by sending heavy network traf | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-38300 | kernel: crafting anomalous machine code may lead to arbitrary Kernel code execution | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-3847 | low-privileged user privileges escalation | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-3864 | descendant's dumpable setting with certain SUID binaries | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-39685 | kernel: USB gadget buffer overflow | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-39686 | kernel: race condition in the Android binder driver could lead to incorrect security checks | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-39698 | use-after-free in the file polling implementation | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-39713 | race condition in the network scheduling subsystem could lead to an use-after-free | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-4037 | kernel: security regression for CVE-2018-13405 | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-40490 | race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsyste | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-4083 | check that the fd still exists after getting a ref to it | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-41864 | kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-4197 | kernel: cgroup: Use open-time creds and namespace for migration perm checks | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2021-42008 | kernel: slab out-of-bounds write in decode_data() in drivers/net/hamradio/6pack.c | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-4202 | Race condition in nci_request() leads to use after free while the device is getting removed | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-42252 | kernel: memory overwrite in the kernel with potential privileges execution | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2021-44733 | kernel: use-after-free in the TEE subsystem | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-45469 | kernel: out-of-bounds memory access in __f2fs_setxattr() in fs/f2fs/xattr.c when an inode has an inv | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2021-45485 | kernel: information leak in the IPv6 implementation | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2022-0330 | kernel: possible privileges escalation due to missing TLB flush | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-0435 | kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-0492 | cgroups v1 release_agent feature may allow privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-0850 | information leak in copy_page_to_iter() in iov_iter.c | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2022-1011 | kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1012 | kernel: Small table perturb size in the TCP source port generation algorithm can lead to information | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1048 | race condition in snd_pcm_hw_free leading to use-after-free | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1199 | Null pointer dereference and use after free in ax25_release() | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1353 | kernel info leak issue in pfkey_register | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1419 | kernel: a concurrency use-after-free in vgem_gem_dumb_create | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1652 | kernel: A concurrency use-after-free in floppy disk device driver. | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1678 | improper update of sock reference in TCP pacing can lead to memory leak | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-1679 | use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-1729 | kernel: race condition in perf_event_open leads to privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-1734 | kernel: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from u | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-20141 | use-after-free in ip_check_mc_rcu when opening and closing inet sockets | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
HIGH | CVE-2022-20368 | kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-20421 | kernel: use after free in binder_inc_ref_for_node in drivers/android/binder.c due | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-20422 | In emulation_proc_handler of armv8_deprecated.c, there is a possible w ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-20566 | possible use after free due to improper locking in l2cap_chan_put of l2cap_core | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-22942 | kernel: failing usercopy allows for use-after-free exploitation | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-23036 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23037 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23038 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23039 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23040 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23041 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-23042 | Linux PV device frontends vulnerable to attacks by backends T[his CNA ... | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-24958 | kernel: use-after-free in dev->buf release in drivers/usb/gadget/legacy/inode.c | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
HIGH | CVE-2022-2588 | a use-after-free in cls_route filter implementation may lead to privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-26365 | Linux disk/nic frontends data leaks T[his CNA information record relat ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-2639 | integer underflow leads to out-of-bounds write in reserve_sfa_size() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-26490 | kernel: potential buffer overflows in EVT_TRANSACTION in st21nfca | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-27223 | kernel: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint index is not validated | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-27666 | kernel: buffer overflow in IPsec ESP transformation code | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-28390 | kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-29581 | use-after-free due to improper update of reference count in net/sched/cls_u32.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-2964 | memory corruption in AX88179_178A based USB ethernet device. | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
HIGH | CVE-2022-2977 | kernel: use-after-free Read in put_device (/dev/vtpmx) | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-2978 | kernel: use-after-free in nilfs_mdt_destroy | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-3028 | race condition in xfrm_probe_algs can lead to OOB read/write | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-30594 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-3176 | use-after-free in io_uring for POLLFREE notification with Signalfd_poll() and binder_poll() | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-3202 | Kernel: jfs: Null Pointer Deference in jfs_evict_inode leads to Denial of Service | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-32250 | kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
HIGH | CVE-2022-3239 | initialize refcount before kref_get | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-33740 | Linux disk/nic frontends data leaks T[his CNA information record relat ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-33741 | Linux disk/nic frontends data leaks T[his CNA information record relat ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-33742 | Linux disk/nic frontends data leaks T[his CNA information record relat ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-3424 | Use after Free in gru_set_context_option leading to kernel panic | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2022-3545 | A flaw leading to a use-after-free in area_cache_get() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2022-3564 | use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-3565 | use-after-free in l1oip timer handlers | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-3566 | data races around icsk->icsk_af_ops in do_ipv6_setsockopt | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-3635 | kernel: use after in tst_timer in drivers/atm/idt77252.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-3640 | use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-3649 | kernel: nilfs2: use-after-free in nilfs_new_inode of fs/nilfs2/inode.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-36946 | DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-39189 | TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-4095 | kernel: Use-after-Free/Double-Free bug in read_bbreg_hdl in drivers/staging/rtl8712/rtl8712_cmd.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
HIGH | CVE-2022-41858 | null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2022-42896 | use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-4378 | stack overflow in do_proc_dointvec and proc_skip_spaces | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2022-43945 | nfsd buffer overflow by RPC message over TCP with garbage data | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-45934 | integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2022-4744 | avoid double free in tun_free_netdev | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2022-47518 | a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-47519 | an out-of-bounds write in drivers/net/wireless/microchip/wilc1000/cfg80211.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-47520 | an out-of-bounds read in drivers/net/wireless/microchip/wilc1000/hif.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2022-47521 | a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-0030 | Use after Free in nvkm_vmm_pfn_map | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-0045 | Bypassing Spectre-BTI User Space Mitigations | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-0266 | Move rwsem lock inside snd_ctl_elem_read to prevent UAF | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-0386 | FUSE filesystem low-privileged user privileges escalation | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-0461 | use-after-free in listening ULP sockets | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1077 | Type confusion in pick_next_rt_entity() | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-1078 | Heap OOB Write in rds_rm_zerocopy_callback() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1118 | use-after-free in drivers/media/rc/ene_ir.c due to race condition | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1281 | use-after-free vulnerability in traffic control index filter allows privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1380 | a USB-accessible slab-out-of-bounds read in brcmfmac | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-1670 | use after free bug in xirc2ps_detach | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1829 | Use-after-free vulnerability in the Linux Kernel traffic control index filter | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-1838 | Possible use-after-free since the two fdget() during vhost_net_set_backend() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2023-1989 | Use after free bug in btsdio_remove due to race condition | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-2007 | DPT I2O controller TOCTOU information disclosure vulnerability | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-20938 | In binder_transaction_buffer_release of binder.c, there is a possible ... | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-2124 | OOB access in the Linux kernel's XFS subsystem | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-21255 | In multiple functions of binder.c, there is a possible memory corrupti ... | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-23559 | kernel: Integer overflow in function rndis_query_oid of rndis_wlan.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-28466 | race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3090 | out-of-bounds write caused by unclear skb->cb | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-3111 | Use after free in prepare_to_relocate in fs/btrfs/relocation.c | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-3141 | Use after free bug in r592_remove | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-31436 | out-of-bounds write in qfq_change_class function | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-32233 | use-after-free in nf_tables when processing batch requests can lead to privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-3268 | out-of-bounds access in relay_file_read | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-3390 | UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batc | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3397 | slab-use-after-free Write in txEnd due to race condition | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-34319 | buffer overrun in netback due to unusual packet (XSA-432) | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-35001 | stack-out-of-bounds-read in nft_byteorder_eval() | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3567 | use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-35788 | out-of-bounds write in fl_set_geneve_opt() | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-35823 | race condition leading to use-after-free in saa7134_finidev() | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-35824 | race condition leading to use-after-free in dm1105_remove.c() | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-35827 | race condition leading to use-after-free in ravb_remove() | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-35828 | race condition leading to use-after-free in renesas_usb3_remove() | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
HIGH | CVE-2023-3609 | cls_u32 component reference counter leak if tcf_change_indev() fails | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3611 | sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3640 | a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3776 | cls_fw component can be exploited as result of failure in tcf_change_indev function | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-3812 | bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
HIGH | CVE-2023-40283 | use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4128 | cls_fw, cls_u32 and cls_route | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4206 | cls_route component can be exploited to achieve local privilege escalation | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4207 | A use-after-free vulnerability in the Linux kernel's cls_fw component that can be exploited to achie | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4208 | cls_u32 UAF | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4244 | Use-after-free in nft_verdict_dump due to a race between set GC and transaction | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-42753 | potential slab-out-of-bound access due to integer underflow | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4387 | use-after-free in vmxnet3_rq_alloc_rx_buf() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
HIGH | CVE-2023-45862 | drivers/usb/storage/ene_ub6250.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
HIGH | CVE-2023-4610 | slab-use-after-free Read in radix_tree_lookup while fuzzing Linux kernel 6.4-rc6 with syzkaller. | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4622 | use after free in unix_stream_sendpage | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4623 | sch_hfsc UAF | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-4921 | use-after-free in sch_qfq network scheduler | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2023-5178 | use after free in nvmet_tcp_free_crypto in NVMe | linux-libc-dev | 4.19.194-1 | |
HIGH | CVE-2021-46669 | mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free wh | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-24048 | mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixe | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24050 | mariadb: lack of validating the existence of an object prior to performing operations on the object | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24051 | mariadb: lack of proper validation of a user-supplied string before using it as a format specifier | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-24052 | mariadb: CONNECT storage engine heap-based buffer overflow | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
HIGH | CVE-2022-27376 | mariadb: assertion failure in Item_args::walk_arg | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27377 | mariadb: use-after-poison when complex conversion is involved in blob | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27378 | mariadb: server crash in create_tmp_table::finalize | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27379 | mariadb: server crash in component arg_comparator::compare_real_fixed | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27380 | mariadb: server crash at my_decimal::operator= | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27381 | mariadb: server crash at Field::set_default via specially crafted SQL statements | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27383 | mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27384 | mariadb: crash via component Item_subselect::init_expr_cache_tracker | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27386 | mariadb: server crashes in query_arena::set_query_arena upon SELECT from view | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27387 | mariadb: assertion failures in decimal_bin_size | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27445 | mariadb: assertion failure in compare_order_elements | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27447 | mariadb: use-after-poison in Binary_string::free_buffer | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27448 | mariadb: crash in multi-update and implicit grouping | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27449 | mariadb: assertion failure in sql/item_func.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27452 | mariadb: assertion failure in sql/item_cmpfunc.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27456 | mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-27458 | mariadb: use-after-poison in Binary_string::free_buffer | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32083 | mariadb: server crash at Item_subselect::init_expr_cache_tracker | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32084 | segmentation fault via the component sub_select | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32085 | mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32087 | mariadb: server crash in Item_args::walk_args | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32088 | mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-32091 | free or in copy_fields | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-base | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | ncurses-base | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-bin | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u3 |
HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | ncurses-bin | 6.1+20181013-2+deb10u2 | |
HIGH | CVE-2021-41617 | privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured | openssh-client | 1:7.9p1-10+deb10u2 | |
HIGH | CVE-2021-3712 | Read buffer overruns processing ASN.1 strings | openssl | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 |
HIGH | CVE-2022-0778 | Infinite loop in BN_mod_sqrt() reachable when parsing certificates | openssl | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
HIGH | CVE-2022-4450 | double free after calling PEM_read_bio_ex | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0215 | use-after-free following BIO_new_NDEF | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0286 | X.400 address type confusion in X.509 GeneralName | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
HIGH | CVE-2023-0464 | Denial of service by excessive resource usage in verifying X509 policy constraints | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl | 5.28.1-6+deb10u1 | |
HIGH | CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS | perl | 5.28.1-6+deb10u1 | |
HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl-base | 5.28.1-6+deb10u1 | |
HIGH | CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS | perl-base | 5.28.1-6+deb10u1 | |
HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl-modules-5.28 | 5.28.1-6+deb10u1 | |
HIGH | CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS | perl-modules-5.28 | 5.28.1-6+deb10u1 | |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2019-20907 | infinite loop in the tarfile module via crafted TAR archive | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | python2.7 | 2.7.16-2+deb10u1 | |
HIGH | CVE-2020-26116 | CRLF injection via HTTP request method in httplib/http.client | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2019-20907 | infinite loop in the tarfile module via crafted TAR archive | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | python2.7-minimal | 2.7.16-2+deb10u1 | |
HIGH | CVE-2020-26116 | CRLF injection via HTTP request method in httplib/http.client | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | python3.7 | 3.7.3-2+deb10u3 | |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | python3.7 | 3.7.3-2+deb10u3 | |
HIGH | CVE-2015-20107 | python: mailcap: findmatch() function does not sanitize the second argument | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2020-10735 | int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2021-3737 | HTTP client possible infinite loop on a 100 Continue response | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-0391 | urllib.parse does not sanitize URLs containing ASCII newline and tabs | python3.7-minimal | 3.7.3-2+deb10u3 | |
HIGH | CVE-2022-45061 | CPU denial of service via inefficient IDNA decoder | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
HIGH | CVE-2022-48560 | A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
HIGH | CVE-2023-24329 | urllib.parse url blocklisting bypass | python3.7-minimal | 3.7.3-2+deb10u3 | |
HIGH | CVE-2022-24070 | subversion: Subversion's mod_dav_svn is vulnerable to memory corruption | subversion | 1.10.4-1+deb10u2 | 1.10.4-1+deb10u3 |
HIGH | CVE-2022-1271 | arbitrary-file-write vulnerability | xz-utils | 5.2.4-1 | 5.2.4-1+deb10u1 |
HIGH | CVE-2018-25032 | A flaw found in zlib when compressing (not decompressing) certain inputs | zlib1g | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u1 |
HIGH | CVE-2018-25032 | A flaw found in zlib when compressing (not decompressing) certain inputs | zlib1g-dev | 1:1.2.11.dfsg-1 | 1:1.2.11.dfsg-1+deb10u1 |
HIGH | CVE-2023-37920 | Removal of e-Tugra root certificate | certifi | 2021.10.8 | 2023.7.22 |
HIGH | CVE-2023-0286 | X.400 address type confusion in X.509 GeneralName | cryptography | 38.0.4 | 39.0.1 |
HIGH | CVE-2022-40897 | Regular Expression Denial of Service (ReDoS) in package_index.py | setuptools | 57.0.0 | 65.5.1 |
HIGH | CVE-2022-40898 | remote attackers can cause denial of service via attacker controlled input to wheel cli | wheel | 0.36.2 | 0.38.1 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | cpp-8 | 8.3.0-6 | |
MEDIUM | CVE-2021-22947 | Server responses received before STARTTLS processed after TLS handshake | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2022-27776 | curl: auth/cookie leak on redirect | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32206 | HTTP compression denial of service | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32208 | FTP-KRB bad message verification | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-43552 | Use-after-free triggered by an HTTP proxy deny response | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2023-23916 | HTTP multi-header compression denial of service | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u5 |
MEDIUM | CVE-2023-27535 | FTP too eager connection reuse | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27536 | GSS delegation too eager connection re-use | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27538 | SSH connection too eager reuse still | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-28321 | IDN wildcard match may lead to Improper Cerificate Validation | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2023-38546 | cookie injection with none file | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | dirmngr | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | g++-8 | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | gcc-8 | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | gcc-8-base | 8.3.0-6 | |
MEDIUM | CVE-2019-20446 | librsvg: Resource exhaustion via crafted SVG file with nested patterns | gir1.2-rsvg-2.0 | 2.44.10-2.1 | 2.44.10-2.1+deb10u1 |
MEDIUM | CVE-2022-39253 | exposure of sensitive information to a malicious actor | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
MEDIUM | CVE-2023-22490 | data exfiltration with maliciously crafted repository | git | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u8 |
MEDIUM | CVE-2022-39253 | exposure of sensitive information to a malicious actor | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u5 |
MEDIUM | CVE-2023-22490 | data exfiltration with maliciously crafted repository | git-man | 1:2.20.1-2+deb10u3 | 1:2.20.1-2+deb10u8 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gnupg | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gnupg-l10n | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gnupg-utils | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpg | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpg-agent | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpg-wks-client | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpg-wks-server | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpgconf | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpgsm | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2022-34903 | Signature spoofing via status line injection | gpgv | 2.2.12-1+deb10u1 | 2.2.12-1+deb10u2 |
MEDIUM | CVE-2020-21913 | icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp | icu-devtools | 63.1-6+deb10u1 | 63.1-6+deb10u2 |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2019-20795 | iproute: use-after-free in get_netnsid_from_name in ip/ipnetns.c | iproute2 | 4.20.0-2+deb10u1 | |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | krb5-multidev | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | krb5-multidev | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2022-25147 | out-of-bounds writes in the apr_base64 | libaprutil1 | 1.6.1-4 | 1.6.1-4+deb10u1 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libasan5 | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libatomic1 | 8.3.0-6 | |
MEDIUM | CVE-2019-8921 | information leak in service_attr_req() in sdpd-request.c via a crafted CSTATE | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
MEDIUM | CVE-2020-26558 | Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
MEDIUM | CVE-2021-0129 | Improper access control in BlueZ may allow information disclosure vulnerability. | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
MEDIUM | CVE-2021-41229 | bluez: memory leak in the SDP protocol | libbluetooth-dev | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
MEDIUM | CVE-2019-8921 | information leak in service_attr_req() in sdpd-request.c via a crafted CSTATE | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
MEDIUM | CVE-2020-26558 | Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
MEDIUM | CVE-2021-0129 | Improper access control in BlueZ may allow information disclosure vulnerability. | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u2 |
MEDIUM | CVE-2021-41229 | bluez: memory leak in the SDP protocol | libbluetooth3 | 5.50-1.2~deb10u1 | 5.50-1.2~deb10u3 |
MEDIUM | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2019-25013 | buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-10029 | stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc-bin | 2.28-10 | |
MEDIUM | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc-bin | 2.28-10 | |
MEDIUM | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2019-25013 | buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-10029 | stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc-dev-bin | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc-dev-bin | 2.28-10 | |
MEDIUM | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc-dev-bin | 2.28-10 | |
MEDIUM | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc6 | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2019-25013 | buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | libc6 | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-10029 | stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | libc6 | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc6 | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc6 | 2.28-10 | |
MEDIUM | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc6 | 2.28-10 | |
MEDIUM | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2019-25013 | buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-10029 | stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc6-dev | 2.28-10 | 2.28-10+deb10u2 |
MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc6-dev | 2.28-10 | |
MEDIUM | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc6-dev | 2.28-10 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libcc1-0 | 8.3.0-6 | |
MEDIUM | CVE-2021-22947 | Server responses received before STARTTLS processed after TLS handshake | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2022-27776 | curl: auth/cookie leak on redirect | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32206 | HTTP compression denial of service | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32208 | FTP-KRB bad message verification | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-43552 | Use-after-free triggered by an HTTP proxy deny response | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2023-23916 | HTTP multi-header compression denial of service | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u5 |
MEDIUM | CVE-2023-27535 | FTP too eager connection reuse | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27536 | GSS delegation too eager connection re-use | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27538 | SSH connection too eager reuse still | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-28321 | IDN wildcard match may lead to Improper Cerificate Validation | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2023-38546 | cookie injection with none file | libcurl3-gnutls | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2021-22947 | Server responses received before STARTTLS processed after TLS handshake | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2022-27776 | curl: auth/cookie leak on redirect | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32206 | HTTP compression denial of service | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32208 | FTP-KRB bad message verification | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-43552 | Use-after-free triggered by an HTTP proxy deny response | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2023-23916 | HTTP multi-header compression denial of service | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u5 |
MEDIUM | CVE-2023-27535 | FTP too eager connection reuse | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27536 | GSS delegation too eager connection re-use | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27538 | SSH connection too eager reuse still | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-28321 | IDN wildcard match may lead to Improper Cerificate Validation | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2023-38546 | cookie injection with none file | libcurl4 | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2021-22947 | Server responses received before STARTTLS processed after TLS handshake | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2022-27776 | curl: auth/cookie leak on redirect | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32206 | HTTP compression denial of service | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-32208 | FTP-KRB bad message verification | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
MEDIUM | CVE-2022-43552 | Use-after-free triggered by an HTTP proxy deny response | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
MEDIUM | CVE-2023-23916 | HTTP multi-header compression denial of service | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u5 |
MEDIUM | CVE-2023-27535 | FTP too eager connection reuse | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27536 | GSS delegation too eager connection re-use | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-27538 | SSH connection too eager reuse still | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u6 |
MEDIUM | CVE-2023-28321 | IDN wildcard match may lead to Improper Cerificate Validation | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2023-38546 | cookie injection with none file | libcurl4-openssl-dev | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u7 |
MEDIUM | CVE-2020-21595 | libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21596 | libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_ ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2020-21597 | libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma funct ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2020-21599 | libde265 v1.0.4 contains a heap buffer overflow in the de265_image::av ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21600 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21601 | libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallb ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21602 | libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21603 | libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fa ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21604 | libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21605 | libde265 v1.0.4 contains a segmentation fault in the apply_sao_interna ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2020-21606 | libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_ ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2021-35452 | An Incorrect Access Control vulnerability exists in libde265 v1.0.8 du ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2021-36408 | An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-f ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2021-36410 | A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion. ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2021-36411 | An issue has been found in libde265 v1.0.8 due to incorrect access con ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u1 |
MEDIUM | CVE-2022-43235 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43236 | Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43237 | Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43238 | Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43239 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43240 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43241 | Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43242 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43243 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43244 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43245 | Libde265 v1.0.8 was discovered to contain a segmentation violation via ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43248 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43249 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43250 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43252 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2022-43253 | Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ... | libde265-0 | 1.0.3-1+b1 | 1.0.3-1+deb10u3 |
MEDIUM | CVE-2023-24751 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24752 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24754 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24755 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24756 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24757 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-24758 | libde265 v1.0.10 was discovered to contain a NULL pointer dereference ... | libde265-0 | 1.0.3-1+b1 | 1.0.11-0+deb10u4 |
MEDIUM | CVE-2023-27102 | Libde265 v1.0.11 was discovered to contain a segmentation violation vi ... | libde265-0 | 1.0.3-1+b1 | |
MEDIUM | CVE-2019-15142 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15143 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15144 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYP ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15145 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-3630 | An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::D ... | libdjvulibre-dev | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-46310 | An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... | libdjvulibre-dev | 3.5.27.1-10 | |
MEDIUM | CVE-2021-46312 | An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... | libdjvulibre-dev | 3.5.27.1-10 | |
MEDIUM | CVE-2019-15142 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15143 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15144 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYP ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15145 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-3630 | An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::D ... | libdjvulibre-text | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-46310 | An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... | libdjvulibre-text | 3.5.27.1-10 | |
MEDIUM | CVE-2021-46312 | An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... | libdjvulibre-text | 3.5.27.1-10 | |
MEDIUM | CVE-2019-15142 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15143 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15144 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYP ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2019-15145 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-3630 | An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::D ... | libdjvulibre21 | 3.5.27.1-10 | 3.5.27.1-10+deb10u1 |
MEDIUM | CVE-2021-46310 | An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... | libdjvulibre21 | 3.5.27.1-10 | |
MEDIUM | CVE-2021-46312 | An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... | libdjvulibre21 | 3.5.27.1-10 | |
MEDIUM | CVE-2020-21047 | The libcpu component which is used by libasm of elfutils version 0.177 ... | libelf1 | 0.176-1.1 | 0.176-1.1+deb10u1 |
MEDIUM | CVE-2022-25313 | Stack exhaustion in doctype parsing | libexpat1 | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
MEDIUM | CVE-2022-25313 | Stack exhaustion in doctype parsing | libexpat1-dev | 2.2.6-2+deb10u1 | 2.2.6-2+deb10u3 |
MEDIUM | CVE-2022-25309 | fribidi: Heap-buffer-overflow in fribidi_cap_rtl_to_unicode | libfribidi0 | 1.0.5-3.1+deb10u1 | 1.0.5-3.1+deb10u2 |
MEDIUM | CVE-2022-25310 | fribidi: SEGV in fribidi_remove_bidi_marks | libfribidi0 | 1.0.5-3.1+deb10u1 | 1.0.5-3.1+deb10u2 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libgcc-8-dev | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libgcc1 | 1:8.3.0-6 | |
MEDIUM | CVE-2019-13627 | ECDSA timing attack allowing private key leak | libgcrypt20 | 1.8.4-5+deb10u1 | |
MEDIUM | CVE-2021-3800 | Possible privilege escalation thourgh pkexec and aliases | libglib2.0-0 | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u4 |
MEDIUM | CVE-2023-32611 | g_variant_byteswap() can take a long time with some non-normal inputs | libglib2.0-0 | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2023-32665 | GVariant deserialisation does not match spec for non-normal data | libglib2.0-0 | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2021-3800 | Possible privilege escalation thourgh pkexec and aliases | libglib2.0-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u4 |
MEDIUM | CVE-2023-32611 | g_variant_byteswap() can take a long time with some non-normal inputs | libglib2.0-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2023-32665 | GVariant deserialisation does not match spec for non-normal data | libglib2.0-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2021-3800 | Possible privilege escalation thourgh pkexec and aliases | libglib2.0-data | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u4 |
MEDIUM | CVE-2023-32611 | g_variant_byteswap() can take a long time with some non-normal inputs | libglib2.0-data | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2023-32665 | GVariant deserialisation does not match spec for non-normal data | libglib2.0-data | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2021-3800 | Possible privilege escalation thourgh pkexec and aliases | libglib2.0-dev | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u4 |
MEDIUM | CVE-2023-32611 | g_variant_byteswap() can take a long time with some non-normal inputs | libglib2.0-dev | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2023-32665 | GVariant deserialisation does not match spec for non-normal data | libglib2.0-dev | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2021-3800 | Possible privilege escalation thourgh pkexec and aliases | libglib2.0-dev-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u4 |
MEDIUM | CVE-2023-32611 | g_variant_byteswap() can take a long time with some non-normal inputs | libglib2.0-dev-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2023-32665 | GVariant deserialisation does not match spec for non-normal data | libglib2.0-dev-bin | 2.58.3-2+deb10u3 | 2.58.3-2+deb10u5 |
MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutls-dane0 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutls-openssl27 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutls28-dev | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutls30 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutlsxx28 | 3.6.7-4+deb10u7 | 3.6.7-4+deb10u9 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libgomp1 | 8.3.0-6 | |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libgssapi-krb5-2 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libgssapi-krb5-2 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libgssrpc4 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libgssrpc4 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2022-33068 | integer overflow in the component hb-ot-shape-fallback.cc | libharfbuzz0b | 2.3.1-1 | |
MEDIUM | CVE-2023-29659 | A Segmentation fault caused by a floating point exception exists in li ... | libheif1 | 1.3.2-2~deb10u1 | |
MEDIUM | CVE-2020-21913 | icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp | libicu-dev | 63.1-6+deb10u1 | 63.1-6+deb10u2 |
MEDIUM | CVE-2020-21913 | icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp | libicu63 | 63.1-6+deb10u1 | 63.1-6+deb10u2 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libitm1 | 8.3.0-6 | |
MEDIUM | CVE-2020-35538 | Null pointer dereference in jcopy_sample_rows() function | libjpeg-dev | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2021-46822 | libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c | libjpeg-dev | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2020-35538 | Null pointer dereference in jcopy_sample_rows() function | libjpeg62-turbo | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2021-46822 | libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c | libjpeg62-turbo | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2020-35538 | Null pointer dereference in jcopy_sample_rows() function | libjpeg62-turbo-dev | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2021-46822 | libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c | libjpeg62-turbo-dev | 1:1.5.2-2+deb10u1 | |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libk5crypto3 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libk5crypto3 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkadm5clnt-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkadm5clnt-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkadm5srv-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkadm5srv-mit11 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkdb5-9 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkdb5-9 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkrb5-3 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkrb5-3 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkrb5-dev | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkrb5-dev | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkrb5support0 | 1.17-3+deb10u1 | 1.17-3+deb10u3 |
MEDIUM | CVE-2023-36054 | Denial of service through freeing uninitialized pointer | libkrb5support0 | 1.17-3+deb10u1 | 1.17-3+deb10u6 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | liblsan0 | 8.3.0-6 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-6-arch-config | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-6.q16-6-extra | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickcore-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickwand-6-headers | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickwand-6.q16-6 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickwand-6.q16-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25664 | ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2020-25665 | ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25674 | ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-25676 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27750 | ImageMagick: division by zero in MagickCore/colorspace-private.h | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27756 | ImageMagick: division by zero at MagickCore/geometry.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27760 | ImageMagick: division by zero at MagickCore/enhance.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27762 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2020-27770 | ImageMagick: unsigned offset overflowed at MagickCore/string.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20176 | ImageMagick: processing crafted file leads to division by zero | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20224 | ImageMagick: integer overflow in ExportIndexQuantum() in MagickCore/quantum-export.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2021-20241 | ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20243 | ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20244 | ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20245 | ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-20246 | ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
MEDIUM | CVE-2021-3596 | ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-3213 | ImageMagick: heap buffer overflow while processing a malformed TIFF file | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2022-44267 | Denial of Service when it parses a PNG image | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2022-44268 | vulnerable to Information Disclosure when it parses a PNG image | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
MEDIUM | CVE-2023-1289 | ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", p | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-1906 | heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-2157 | heap overflow vulnerability | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3195 | stack overflow in coders/tiff.c while parsing malicious tiff file | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-34151 | Undefined behaviors of casting double to size_t in svg, mvg and other coders | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3428 | heap-buffer-overflow in coders/tiff.c | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2023-3745 | heap-buffer-overflow in PushCharPixel() in quantum-private.h | libmagickwand-dev | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
MEDIUM | CVE-2021-2372 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-2389 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-35604 | mysql: InnoDB unspecified vulnerability (CPU Oct 2021) | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46657 | mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46658 | mariadb: save_window_function_values triggers an abort during IN subquery | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46659 | mariadb: Crash executing query with VIEW, aggregate and subquery | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46661 | mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an u | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46662 | mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46663 | mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT state | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46664 | mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL v | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46665 | mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_ta | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46666 | mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46667 | mariadb: Integer overflow in sql_lex.cc integer leading to crash | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46668 | mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT stateme | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-21427 | mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-31621 | mariadb: improper locking due to unreleased lock in the ds_xbstream.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31622 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31623 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31624 | mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-38791 | compress_write() fails to release mutex on failure | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-47015 | print_warnings() | libmariadb-dev | 1:10.3.29-0+deb10u1 | 1:10.3.39-0+deb10u1 |
MEDIUM | CVE-2021-2372 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-2389 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-35604 | mysql: InnoDB unspecified vulnerability (CPU Oct 2021) | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46657 | mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46658 | mariadb: save_window_function_values triggers an abort during IN subquery | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46659 | mariadb: Crash executing query with VIEW, aggregate and subquery | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46661 | mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an u | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46662 | mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46663 | mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT state | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46664 | mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL v | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46665 | mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_ta | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46666 | mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46667 | mariadb: Integer overflow in sql_lex.cc integer leading to crash | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46668 | mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT stateme | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-21427 | mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-31621 | mariadb: improper locking due to unreleased lock in the ds_xbstream.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31622 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31623 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31624 | mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-38791 | compress_write() fails to release mutex on failure | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-47015 | print_warnings() | libmariadb-dev-compat | 1:10.3.29-0+deb10u1 | 1:10.3.39-0+deb10u1 |
MEDIUM | CVE-2021-2372 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-2389 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-35604 | mysql: InnoDB unspecified vulnerability (CPU Oct 2021) | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46657 | mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46658 | mariadb: save_window_function_values triggers an abort during IN subquery | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46659 | mariadb: Crash executing query with VIEW, aggregate and subquery | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46661 | mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an u | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46662 | mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46663 | mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT state | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46664 | mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL v | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46665 | mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_ta | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46666 | mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46667 | mariadb: Integer overflow in sql_lex.cc integer leading to crash | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46668 | mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT stateme | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-21427 | mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-31621 | mariadb: improper locking due to unreleased lock in the ds_xbstream.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31622 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31623 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31624 | mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-38791 | compress_write() fails to release mutex on failure | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-47015 | print_warnings() | libmariadb3 | 1:10.3.29-0+deb10u1 | 1:10.3.39-0+deb10u1 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libmpx2 | 8.3.0-6 | |
MEDIUM | CVE-2020-19189 | 997 | libncurses-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-19189 | 997 | libncurses5-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-19189 | 997 | libncurses6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-19189 | 997 | libncursesw5-dev | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-19189 | 997 | libncursesw6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-16587 | OpenEXR: A heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp coul | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2020-16588 | OpenEXR: A Null Pointer Deference in generatePreview in makePreview.cpp could result in a DOS via a | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2020-16589 | OpenEXR: A heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp could result in a D | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20296 | OpenEXR: Segv on unknown address in Imf_2_5::hufUncompress - Null Pointer dereference | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20300 | OpenEXR: Integer-overflow in Imf_2_5::hufUncompress | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20302 | OpenEXR: Floating-point-exception in Imf_2_5::precalculateTileInfot | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20303 | OpenEXR: Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-23215 | initializeBuffers | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-26260 | initializeBuffers | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3474 | OpenEXR: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3475 | OpenEXR: Integer-overflow in Imf_2_5::calculateNumTiles | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3476 | OpenEXR: Undefined-shift in Imf_2_5::unpack14 | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3477 | OpenEXR: Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3478 | OpenEXR: Out-of-memory in ScanLineInputFile | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3479 | OpenEXR: Out-of-memory caused by allocation of a very large buffer | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3598 | readChars | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3605 | Heap buffer overflow in the rleUncompress function | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3933 | bytesPerDeepLineTable | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3941 | RGBtoXYZ | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-45942 | execute | libopenexr-dev | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2020-16587 | OpenEXR: A heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp coul | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2020-16588 | OpenEXR: A Null Pointer Deference in generatePreview in makePreview.cpp could result in a DOS via a | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2020-16589 | OpenEXR: A heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp could result in a D | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20296 | OpenEXR: Segv on unknown address in Imf_2_5::hufUncompress - Null Pointer dereference | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20300 | OpenEXR: Integer-overflow in Imf_2_5::hufUncompress | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20302 | OpenEXR: Floating-point-exception in Imf_2_5::precalculateTileInfot | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-20303 | OpenEXR: Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-23215 | initializeBuffers | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-26260 | initializeBuffers | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3474 | OpenEXR: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3475 | OpenEXR: Integer-overflow in Imf_2_5::calculateNumTiles | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3476 | OpenEXR: Undefined-shift in Imf_2_5::unpack14 | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3477 | OpenEXR: Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3478 | OpenEXR: Out-of-memory in ScanLineInputFile | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3479 | OpenEXR: Out-of-memory caused by allocation of a very large buffer | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3598 | readChars | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3605 | Heap buffer overflow in the rleUncompress function | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3933 | bytesPerDeepLineTable | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-3941 | RGBtoXYZ | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2021-45942 | execute | libopenexr23 | 2.2.1-4.1+deb10u1 | 2.2.1-4.1+deb10u2 |
MEDIUM | CVE-2019-12973 | openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c | libopenjp2-7 | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2021-29338 | openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c | libopenjp2-7 | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2022-1122 | openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer | libopenjp2-7 | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2019-12973 | openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c | libopenjp2-7-dev | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2021-29338 | openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c | libopenjp2-7-dev | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2022-1122 | openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer | libopenjp2-7-dev | 2.3.0-2+deb10u2 | |
MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre16-3 | 2:8.39-12 | |
MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3 | 2:8.39-12 | |
MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3-dev | 2:8.39-12 | |
MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre32-3 | 2:8.39-12 | |
MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcrecpp0v5 | 2:8.39-12 | |
MEDIUM | CVE-2023-37769 | stress-test master commit e4c878 was discovered to contain a FPE vulne ... | libpixman-1-0 | 0.36.0-1 | |
MEDIUM | CVE-2023-37769 | stress-test master commit e4c878 was discovered to contain a FPE vulne ... | libpixman-1-dev | 0.36.0-1 | |
MEDIUM | CVE-2021-23222 | libpq processes unencrypted bytes from man-in-the-middle | libpq-dev | 11.12-0+deb10u1 | 11.14-0+deb10u1 |
MEDIUM | CVE-2021-3677 | memory disclosure in certain queries | libpq-dev | 11.12-0+deb10u1 | 11.13-0+deb10u1 |
MEDIUM | CVE-2023-2455 | row security policies disregard user ID changes after inlining. | libpq-dev | 11.12-0+deb10u1 | 11.20-0+deb10u1 |
MEDIUM | CVE-2021-23222 | libpq processes unencrypted bytes from man-in-the-middle | libpq5 | 11.12-0+deb10u1 | 11.14-0+deb10u1 |
MEDIUM | CVE-2021-3677 | memory disclosure in certain queries | libpq5 | 11.12-0+deb10u1 | 11.13-0+deb10u1 |
MEDIUM | CVE-2023-2455 | row security policies disregard user ID changes after inlining. | libpq5 | 11.12-0+deb10u1 | 11.20-0+deb10u1 |
MEDIUM | CVE-2023-4016 | ps buffer overflow | libprocps7 | 2:3.3.15-2 | |
MEDIUM | CVE-2020-8492 | wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | libpython2.7-minimal | 2.7.16-2+deb10u1 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | libpython2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2020-8492 | wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | libpython2.7-stdlib | 2.7.16-2+deb10u1 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | libpython2.7-stdlib | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | libpython3.7-minimal | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2021-3426 | python: Information disclosure via pydoc | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2022-48564 | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | libpython3.7-minimal | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | libpython3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | libpython3.7-stdlib | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2021-3426 | python: Information disclosure via pydoc | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2022-48564 | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | libpython3.7-stdlib | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | libpython3.7-stdlib | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libquadmath0 | 8.3.0-6 | |
MEDIUM | CVE-2019-20446 | librsvg: Resource exhaustion via crafted SVG file with nested patterns | librsvg2-2 | 2.44.10-2.1 | 2.44.10-2.1+deb10u1 |
MEDIUM | CVE-2019-20446 | librsvg: Resource exhaustion via crafted SVG file with nested patterns | librsvg2-common | 2.44.10-2.1 | 2.44.10-2.1+deb10u1 |
MEDIUM | CVE-2019-20446 | librsvg: Resource exhaustion via crafted SVG file with nested patterns | librsvg2-dev | 2.44.10-2.1 | 2.44.10-2.1+deb10u1 |
MEDIUM | CVE-2019-19645 | sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB | libsqlite3-0 | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2019-19924 | sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rew | libsqlite3-0 | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2020-13631 | sqlite: Virtual table can be renamed into the name of one of its shadow tables | libsqlite3-0 | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2019-19645 | sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB | libsqlite3-dev | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2019-19924 | sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rew | libsqlite3-dev | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2020-13631 | sqlite: Virtual table can be renamed into the name of one of its shadow tables | libsqlite3-dev | 3.27.2-3+deb10u1 | |
MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
MEDIUM | CVE-2022-2097 | AES OCB fails to encrypt some bytes | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2022-4304 | timing attack in RSA Decryption implementation | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2023-0465 | Invalid certificate policies in leaf certificates are silently ignored | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-0466 | Certificate policy check not enabled | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-2650 | Possible DoS translating ASN.1 object identifiers | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-3446 | Excessive time spent checking DH keys and parameters | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2023-3817 | Excessive time spent checking DH q parameter value | libssl-dev | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
MEDIUM | CVE-2022-2097 | AES OCB fails to encrypt some bytes | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2022-4304 | timing attack in RSA Decryption implementation | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2023-0465 | Invalid certificate policies in leaf certificates are silently ignored | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-0466 | Certificate policy check not enabled | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-2650 | Possible DoS translating ASN.1 object identifiers | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-3446 | Excessive time spent checking DH keys and parameters | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2023-3817 | Excessive time spent checking DH q parameter value | libssl1.1 | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libstdc++-8-dev | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libstdc++6 | 8.3.0-6 | |
MEDIUM | CVE-2021-28544 | SVN authz protected copyfrom paths regression | libsvn1 | 1.10.4-1+deb10u2 | 1.10.4-1+deb10u3 |
MEDIUM | CVE-2021-33910 | systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash | libsystemd0 | 241-7~deb10u7 | 241-7~deb10u8 |
MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libsystemd0 | 241-7~deb10u7 | |
MEDIUM | CVE-2022-3821 | buffer overrun in format_timespan() function | libsystemd0 | 241-7~deb10u7 | 241-7~deb10u10 |
MEDIUM | CVE-2022-4415 | local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting | libsystemd0 | 241-7~deb10u7 | |
MEDIUM | CVE-2020-19143 | libtiff: buffer overflow in TIFFVGetField() in libtiff/tif_dir.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u3 |
MEDIUM | CVE-2022-0561 | libtiff: Denial of Service via crafted TIFF file | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0562 | libtiff: Null source pointer lead to Denial of Service via crafted TIFF file | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0865 | libtiff: reachable assertion | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0907 | tiff: NULL Pointer Dereference in tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0908 | tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0909 | tiff: Divide By Zero error in tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0924 | libtiff: Out-of-bounds Read error in tiffcp | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-1354 | libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-1355 | stack-buffer-overflow in tiffcp.c in main() | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2056 | division by zero issues in tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2057 | division by zero issues in tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2058 | division by zero issues in tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-22844 | out-of-bounds read in _TIFFmemcpy() in tif_unix.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-2867 | uint32_t underflow leads to out of bounds read and write in tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2868 | Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2869 | tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-34526 | A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3570 | heap Buffer overflows in tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3597 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3598 | out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3599 | out-of-bounds read in writeSingleSection in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3626 | out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3627 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-40090 | infinite loop via a crafted TIFF file | libtiff-dev | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2022-4645 | out-of-bounds read in tiffcp in tools/tiffcp.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-48281 | heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u6 |
MEDIUM | CVE-2023-0795 | out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0796 | out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0797 | out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0798 | out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0799 | use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0800 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0801 | out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcro | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0802 | out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0803 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0804 | out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-25433 | Buffer Overflow via /libtiff/tools/tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-25435 | heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-26965 | heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-26966 | Buffer Overflow in uv_encode() | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-2908 | null pointer dereference in tif_dir.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-30086 | Heap buffer overflow in tiffcp() at tiffcp.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-30774 | heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-3316 | null pointer dereference in TIFFClose() | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-3576 | memory leak in tiffcrop.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2023-3618 | segmentation fault in Fax3Encode in libtiff/tif_fax3.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-40745 | integer overflow in tiffcp.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-41175 | potential integer overflow in raw2tiff.c | libtiff-dev | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2020-19143 | libtiff: buffer overflow in TIFFVGetField() in libtiff/tif_dir.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u3 |
MEDIUM | CVE-2022-0561 | libtiff: Denial of Service via crafted TIFF file | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0562 | libtiff: Null source pointer lead to Denial of Service via crafted TIFF file | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0865 | libtiff: reachable assertion | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0907 | tiff: NULL Pointer Dereference in tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0908 | tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0909 | tiff: Divide By Zero error in tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0924 | libtiff: Out-of-bounds Read error in tiffcp | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-1354 | libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-1355 | stack-buffer-overflow in tiffcp.c in main() | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2056 | division by zero issues in tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2057 | division by zero issues in tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2058 | division by zero issues in tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-22844 | out-of-bounds read in _TIFFmemcpy() in tif_unix.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-2867 | uint32_t underflow leads to out of bounds read and write in tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2868 | Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2869 | tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-34526 | A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3570 | heap Buffer overflows in tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3597 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3598 | out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3599 | out-of-bounds read in writeSingleSection in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3626 | out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3627 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-40090 | infinite loop via a crafted TIFF file | libtiff5 | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2022-4645 | out-of-bounds read in tiffcp in tools/tiffcp.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-48281 | heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u6 |
MEDIUM | CVE-2023-0795 | out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0796 | out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0797 | out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0798 | out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0799 | use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0800 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0801 | out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcro | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0802 | out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0803 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0804 | out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-25433 | Buffer Overflow via /libtiff/tools/tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-25435 | heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-26965 | heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-26966 | Buffer Overflow in uv_encode() | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-2908 | null pointer dereference in tif_dir.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-30086 | Heap buffer overflow in tiffcp() at tiffcp.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-30774 | heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-3316 | null pointer dereference in TIFFClose() | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-3576 | memory leak in tiffcrop.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2023-3618 | segmentation fault in Fax3Encode in libtiff/tif_fax3.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-40745 | integer overflow in tiffcp.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-41175 | potential integer overflow in raw2tiff.c | libtiff5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2020-19143 | libtiff: buffer overflow in TIFFVGetField() in libtiff/tif_dir.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u3 |
MEDIUM | CVE-2022-0561 | libtiff: Denial of Service via crafted TIFF file | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0562 | libtiff: Null source pointer lead to Denial of Service via crafted TIFF file | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0865 | libtiff: reachable assertion | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0907 | tiff: NULL Pointer Dereference in tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0908 | tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0909 | tiff: Divide By Zero error in tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-0924 | libtiff: Out-of-bounds Read error in tiffcp | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-1354 | libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-1355 | stack-buffer-overflow in tiffcp.c in main() | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2056 | division by zero issues in tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2057 | division by zero issues in tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2058 | division by zero issues in tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-22844 | out-of-bounds read in _TIFFmemcpy() in tif_unix.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u4 |
MEDIUM | CVE-2022-2867 | uint32_t underflow leads to out of bounds read and write in tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2868 | Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-2869 | tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSample | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-34526 | A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3570 | heap Buffer overflows in tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3597 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3598 | out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3599 | out-of-bounds read in writeSingleSection in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3626 | out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-3627 | out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-40090 | infinite loop via a crafted TIFF file | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2022-4645 | out-of-bounds read in tiffcp in tools/tiffcp.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2022-48281 | heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u6 |
MEDIUM | CVE-2023-0795 | out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0796 | out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0797 | out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0798 | out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0799 | use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0800 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0801 | out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcro | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0802 | out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0803 | out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-0804 | out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-25433 | Buffer Overflow via /libtiff/tools/tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-25435 | heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u7 |
MEDIUM | CVE-2023-26965 | heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-26966 | Buffer Overflow in uv_encode() | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-2908 | null pointer dereference in tif_dir.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-30086 | Heap buffer overflow in tiffcp() at tiffcp.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-30774 | heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u5 |
MEDIUM | CVE-2023-3316 | null pointer dereference in TIFFClose() | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-3576 | memory leak in tiffcrop.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | |
MEDIUM | CVE-2023-3618 | segmentation fault in Fax3Encode in libtiff/tif_fax3.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-40745 | integer overflow in tiffcp.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2023-41175 | potential integer overflow in raw2tiff.c | libtiffxx5 | 4.1.0+git191117-2~deb10u2 | 4.1.0+git191117-2~deb10u8 |
MEDIUM | CVE-2020-19189 | 997 | libtinfo6 | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libtsan0 | 8.3.0-6 | |
MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libubsan1 | 8.3.0-6 | |
MEDIUM | CVE-2021-33910 | systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash | libudev1 | 241-7~deb10u7 | 241-7~deb10u8 |
MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libudev1 | 241-7~deb10u7 | |
MEDIUM | CVE-2022-3821 | buffer overrun in format_timespan() function | libudev1 | 241-7~deb10u7 | 241-7~deb10u10 |
MEDIUM | CVE-2022-4415 | local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting | libudev1 | 241-7~deb10u7 | |
MEDIUM | CVE-2020-28935 | symbolic link traversal when writing PID file | libunbound8 | 1.9.0-2+deb10u2 | 1.9.0-2+deb10u3 |
MEDIUM | CVE-2022-30698 | unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malic | libunbound8 | 1.9.0-2+deb10u2 | 1.9.0-2+deb10u3 |
MEDIUM | CVE-2022-30699 | unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malic | libunbound8 | 1.9.0-2+deb10u2 | 1.9.0-2+deb10u3 |
MEDIUM | CVE-2023-43785 | out-of-bounds memory access in _XkbReadKeySyms() | libx11-6 | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2023-43786 | stack exhaustion from infinite recursion in PutSubImage() | libx11-6 | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2023-43785 | out-of-bounds memory access in _XkbReadKeySyms() | libx11-data | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2023-43786 | stack exhaustion from infinite recursion in PutSubImage() | libx11-data | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2023-43785 | out-of-bounds memory access in _XkbReadKeySyms() | libx11-dev | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2023-43786 | stack exhaustion from infinite recursion in PutSubImage() | libx11-dev | 2:1.6.7-1+deb10u2 | 2:1.6.7-1+deb10u4 |
MEDIUM | CVE-2016-3709 | Incorrect server side include parsing can lead to XSS | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2016-9318 | libxml2: XML External Entity vulnerability | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2022-29824 | integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u4 |
MEDIUM | CVE-2023-28484 | NULL dereference in xmlSchemaFixupComplexType | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u6 |
MEDIUM | CVE-2023-29469 | Hashing of empty dict strings isn't deterministic | libxml2 | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u6 |
MEDIUM | CVE-2023-39615 | crafted xml can cause global buffer overflow | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2023-45322 | use-after-free in xmlUnlinkNode() in tree.c | libxml2 | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2016-3709 | Incorrect server side include parsing can lead to XSS | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2016-9318 | libxml2: XML External Entity vulnerability | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2022-29824 | integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u4 |
MEDIUM | CVE-2023-28484 | NULL dereference in xmlSchemaFixupComplexType | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u6 |
MEDIUM | CVE-2023-29469 | Hashing of empty dict strings isn't deterministic | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | 2.9.4+dfsg1-7+deb10u6 |
MEDIUM | CVE-2023-39615 | crafted xml can cause global buffer overflow | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2023-45322 | use-after-free in xmlUnlinkNode() in tree.c | libxml2-dev | 2.9.4+dfsg1-7+deb10u2 | |
MEDIUM | CVE-2019-15213 | kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2019-15794 | Overlayfs in the Linux kernel and shiftfs not restoring original value on error leading to a refcou | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2019-16089 | Improper return check in nbd_genl_status function in drivers/block/nbd.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2019-20794 | task processes not being properly ended could lead to resource exhaustion | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-12363 | kernel: Improper input validation in some Intel(R) Graphics Drivers | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-12364 | kernel: Null pointer dereference in some Intel(R) Graphics Drivers | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-14304 | ethtool when reading eeprom of device could lead to memory leak | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-16120 | incorrect unprivileged overlayfs permission checking may lead to information disclosure | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-26141 | kernel: not verifying TKIP MIC of fragmented frames | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-26145 | kernel: accepting plaintext broadcast fragments as full frames | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-26541 | kernel: security bypass in certs/blacklist.c and certs/system_keyring.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-27835 | kernel: child process is able to access parent mm through hfi dev file handle | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-36310 | kernel: infinite loop in set_memory_region_test in arch/x86/kvm/svm/svm.c for certain nested page fa | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-36311 | DoS by triggering destruction of a large SEV VM | linux-libc-dev | 4.19.194-1 | 4.19.194-3 |
MEDIUM | CVE-2020-36322 | kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2020-36516 | kernel: off-path attacker may inject data or terminate victim's TCP session | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2020-36691 | kernel: lib/nlattr.c allows attackers to cause a denial of service | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-36694 | use-after-free in the packet processing context | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2020-3702 | information disclosure via specifically timed and handcrafted traffic | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-0920 | kernel: Use After Free in unix_gc() which could result in a local privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-20317 | kernel: timer tree corruption leads to missing wakeup and system freeze | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-20320 | s390 eBPF JIT miscompilation issues fixes | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-20321 | In Overlayfs missing a check for a negative dentry before calling vfs_rename() | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-26401 | hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28711 | rogue backends can cause DoS of guests via high frequency events | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28712 | rogue backends can cause DoS of guests via high frequency events | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28713 | rogue backends can cause DoS of guests via high frequency events | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28714 | Guest can force Linux netback driver to hog large amounts of kernel me ... | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28715 | Guest can force Linux netback driver to hog large amounts of kernel me ... | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-28950 | kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-33061 | kernel: insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapter | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2021-33624 | Linux kernel BPF protection against speculative execution attacks can be bypassed to read arbitrary | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-33655 | malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2021-33656 | when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2021-34556 | kernel: BPF program can obtain sensitive information from kernel memory via a speculative store bypa | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-34693 | allows local users to obtain sensitive information from stack memory because of uninitialized data s | linux-libc-dev | 4.19.194-1 | 4.19.194-3 |
MEDIUM | CVE-2021-35477 | kernel: BPF program can obtain sensitive information from kernel memory via a speculative store bypa | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-3669 | reading /proc/sysvipc/shm does not scale with large shared memory segment counts | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2021-3679 | kernel: DoS in rb_per_cpu_empty() | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-37159 | use-after-free in hso_free_net_device() in drivers/net/usb/hso.c | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-3732 | kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-3744 | kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-3753 | a race out-of-bound read in vt | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-3759 | unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2021-3764 | kernel: DoS in ccp_run_aes_gcm_cmd() function | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-3772 | kernel: sctp: Invalid chunks may be used to remotely remove existing associations | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
MEDIUM | CVE-2021-38198 | kernel: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-38199 | incorrect connection-setup ordering allows operators of remote NFSv4 servers to cause a DoS | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-39633 | In gre_handle_offloads of ip_gre.c, there is a possible page fault due ... | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2021-4002 | kernel: possible leak or coruption of data residing on hugetlbfs | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-4135 | Heap information leak in map_lookup_elem function | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-4149 | kernel: Improper lock operation in btrfs | linux-libc-dev | 4.19.194-1 | 4.19.235-1 |
MEDIUM | CVE-2021-4155 | kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-4159 | another kernel ptr leak vulnerability via BPF in coerce_reg_to_size | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2021-4203 | kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-42739 | Heap buffer overflow in firedtv driver | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-43389 | kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-43975 | out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/h | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-43976 | kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-44879 | NULL pointer dereference in folio_mark_dirty() via a crafted f2fs image | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2021-45095 | kernel: refcount leak in pep_sock_accept() in net/phonet/pep.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-45480 | kernel: memory leak in the __rds_conn_create() in net/rds/connection.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2021-45868 | kernel: fs/quota/quota_tree.c does not validate the block number in the quota tree | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0001 | Branch History Injection (BHI) | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0002 | Intra-Mode BTI | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0322 | kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0480 | memcg does not limit the number of POSIX file locks allowing memory exhaustion | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-0487 | use after free in moxart_remove | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0494 | information leak in scsi_ioctl() | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-0617 | NULL pointer dereference in udf_expand_file_adinicbdue() during writeback | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-0812 | NFS over RDMA random memory leakage | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-0854 | swiotlb information leak with DMA_FROM_DEVICE | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1016 | uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1184 | use-after-free and memory errors in ext4 when mounting and operating on a corrupted image | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-1195 | A possible race condition (use-after-free) in drivers/net/hamradio/6pack ( mkiss.c) after unregister | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1198 | use-after-free in drivers/net/hamradio/6pack.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1204 | kernel: Use after free in net/ax25/af_ax25.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1205 | kernel: Null pointer dereference and use after free in net/ax25/ax25_timer.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1280 | concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-1462 | possible race condition in drivers/tty/tty_buffers.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-1516 | null-ptr-deref caused by x25_disconnect | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1974 | use-after-free in /net/nfc/core.c causes kernel crash by simulating nfc device from user-space | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-1975 | kernel: sleep in atomic bug when firmware download timeout | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-20008 | In mmc_blk_read_single of block.c, there is a possible way to read ker ... | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-20132 | kernel: Out of bounds read in lg_probe and related functions of hid-lg.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-20154 | possible use after free in lock_sock_nested of sock.c for the SCTP protocol | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-20369 | kernel: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-20423 | In rndis_set_response of rndis.c, there is a possible out of bounds wr ... | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-20572 | missing DM_TARGET_IMMUTABLE feature flag in verity_target in drivers/md/dm-verity-target.c | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-21123 | incomplete clean-up of multi-core shared buffers (aka SBDR) | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-21125 | incomplete clean-up of microarchitectural fill buffers (aka SBDS) | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-21166 | incomplete clean-up in specific special register write operations (aka DRPW) | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-21499 | possible to use the debugger to write zero into a location of choice | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-2153 | NULL pointer dereference in kvm_irq_delivery_to_apic_fast() | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-2318 | Kernel: A use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-2380 | kernel: vulnerability in sm712fb driver | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-23960 | Spectre-BHB | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-24959 | memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-2503 | LoadPin bypass via dm-verity table reload | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-25258 | kernel: security issues in the OS descriptor handling section of composite_setup function (composite | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-25375 | kernel: information disclosure in drivers/usb/gadget/function/rndis.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-2586 | nf_tables cross-table potential use-after-free may lead to local privilege escalation | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-26373 | Post-barrier Return Stack Buffer Predictions | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-2663 | nf_conntrack_irc message handling issue | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-26966 | heap memory leak in drivers/net/usb/sr9700.c | linux-libc-dev | 4.19.194-1 | 4.19.232-1 |
MEDIUM | CVE-2022-27672 | Cross-Thread Return Address Predictions | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-28356 | kernel: refcount leak in llc_ui_bind and llc_ui_autobind | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-28388 | double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-28389 | kernel: a double free in mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c | linux-libc-dev | 4.19.194-1 | 4.19.249-2 |
MEDIUM | CVE-2022-2873 | an out-of-bounds vulnerability in i2c-ismt driver | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2022-29900 | RetBleed Arbitrary Speculative Code Execution with Return Instructions | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-29901 | RetBleed Arbitrary Speculative Code Execution with Return Instructions | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-3061 | kernel: fbdev: i740fb: divide-by-zero in drivers/video/fbdev/i740fb.c could lead to DoS | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3107 | NULL pointer dereference in netvsc_get_ethtool_stats() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-3108 | NULL pointer dereference in kfd_parse_subtype_iolink() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3111 | memory leak in free_charger_irq() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2022-3115 | NULL pointer dereference in malidp_crtc_reset() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3169 | Kernel: Request to NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET may cause a DOS. | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3303 | race condition in snd_pcm_oss_sync leads to NULL pointer dereference | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3344 | nested shutdown interception could lead to host crash | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-33744 | Arm guests can cause Dom0 DoS via PV devices When mapping pages of gue ... | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-3523 | race when faulting a device private page in memory manager | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3524 | memory leak in ipv6_renew_options() | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-3567 | data races around sk->sk_prot | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-3586 | net scheduler use-after-free information disclosure vulnerability | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-3594 | Rate limit overflow messages in r8152 in intr_callback | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-3621 | kernel: nilfs2: NULL pointer dereference in nilfs_bmap_lookup_at_level in fs/nilfs2/inode.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-3628 | USB-accessible buffer overflow in brcmfmac | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-36280 | out-of-bounds write in vmw_kms_cursor_snoop | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2022-3643 | Xen Security Advisory 423 v1: Guests can trigger NIC interface reset/abort/crash via netback | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-3646 | kernel: nilfs2: memory leak in nilfs_attach_log_writer in fs/nilfs2/segment.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-36879 | xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-3707 | Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2022-3903 | An invalid pipe direction in the mceusb driver cause the kernel to DOS | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-39188 | unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-39842 | Kernel: A type conflict of size_t versus int cause an integer overflow in pxa3xx_gcu_write | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-40307 | kernel: use-after-free in efi_capsule_write in capsule-loader.c | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-40768 | kernel: leak of sensitive information due to uninitialized data in stex_queuecommand_lck() in driver | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-40982 | Gather Data Sampling (GDS) side channel vulnerability | linux-libc-dev | 4.19.194-1 | 4.19.289-2 |
MEDIUM | CVE-2022-41218 | Report vmalloc UAF in dvb-core/dmxdev | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2022-4129 | missing lock when clearing sk_user_data can lead to NULL pointer dereference | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-41849 | Kernel: A race between ufx_ops_open() and ufx_usb_disconnect() may result in UAF | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-41850 | Race condition in roccat_report_event in drivers/hid/hid-roccat.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-42328 | CVE-2022-42329 kernel: Xen Security Advisory 424 v1: guests can trigger deadlock in Linux netback dr | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-42329 | CVE-2022-42328 CVE-2022-42329 kernel: Xen Security Advisory 424 v1: guests can trigger deadlock in L | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-4269 | CPU soft lockup in TC mirred egress-to-ingress action | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-42703 | use-after-free related to leaf anon_vma double reuse | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-42895 | Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-43750 | memory corruption in usbmon driver | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2022-4382 | kernel: usb: use-after-free write in put_dev | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-4543 | KASLR Prefetch Bypass Breaks KPTI | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2022-4662 | Recursive locking violation in usb-storage that can cause the kernel to deadlock | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2022-47929 | NULL pointer dereference in traffic control subsystem | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-0160 | possibility of deadlock in libbpf function sock_hash_delete_elem | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-0394 | NULL pointer dereference in rawv6_push_pending_frames | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-0458 | speculative pointer dereference in do_prlimit() in kernel/sys.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-0459 | Copy_from_user on 64-bit versions may leak kernel information | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-0590 | use-after-free due to race condition in qdisc_graft() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-0597 | Randomize per-cpu entry area | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-0615 | multiple issues for the Video for Linux version 2 test driver | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1073 | check empty report_list in hid_validate_values() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1074 | fail if no bound addresses can be used for a given scope | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1076 | correctly initialize socket uid | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-1079 | Use After Free in asus_remove() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1095 | NULL pointer dereference in nf_tables due to zeroed list head | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2023-1192 | use-after-free in smb2_is_status_io_timeout() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-1206 | hash collisions in the IPv6 connection lookup table | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-1249 | missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump co | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-1382 | denial of service in tipc_conn_close | linux-libc-dev | 4.19.194-1 | 4.19.269-1 |
MEDIUM | CVE-2023-1582 | Soft lockup occurred during __page_mapcount | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-1637 | save/restore speculative MSRs during S3 suspend/resume | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2023-1855 | use-after-free bug in remove function xgene_hwmon_remove | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1859 | kernel: Use after free in xen_9pfs_front_remove due to race condition | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1990 | Use after free bug in ndlc_remove due to race condition | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-1998 | Spectre v2 SMT mitigations problem | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-2002 | Unauthorized management command execution | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-20569 | Return Address Predictor velunerability leading to information disclosure | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-20588 | division-by-zero may resulting in loss of confidentiality | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-20593 | Cross-Process Information Leak | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-2162 | UAF during login when accessing the shost ipaddress | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-2177 | NULL pointer dereference problem in sctp_sched_dequeue_common | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-2194 | out-of-bounds write in xgene_slimpro_i2c_xfer() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-2269 | A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-23454 | slab-out-of-bounds read vulnerabilities in cbq_classify | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-23455 | denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-2513 | use-after-free in ext4_xattr_set_entry() | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2023-26545 | double free on sysctl allocation failure | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-28328 | A denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-2860 | out-of-bounds read when setting HMAC data | linux-libc-dev | 4.19.194-1 | 4.19.260-1 |
MEDIUM | CVE-2023-28772 | lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow | linux-libc-dev | 4.19.194-1 | 4.19.208-1 |
MEDIUM | CVE-2023-2985 | use-after-free issue in hfsplus_release_folio in fs/hfsplus/super.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-3006 | Add Spectre-BHB mitigation for AmpereOne | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-3022 | panic in fib6_rule_suppress when fib6_rule_lookup fails | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-30456 | missing consistency checks for CR0 and CR4 | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-30772 | race condition leading to use-after-free in da9150_charger_remove() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-31082 | sleeping function called from an invalid context in gsmld_write | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-31083 | race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-31084 | blocking operation in dvb_frontend_get_event and wait_event_interruptible | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-3159 | use after free issue in driver/firewire in outbound_phy_packet_callback | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2023-3161 | shift-out-of-bounds in fbcon_set_font() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-3212 | NULL pointer dereference in gfs2_evict_inode() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-3220 | NULL pointer dereference in dpu_crtc_atomic_check() in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-32269 | user after free in nr_listen in net/netrom/af_netrom.c | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-33203 | race condition leading to use-after-free in emac_remove() | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-33288 | use-after-free in bq24190_remove in drivers/power/supply/bq24190_charger.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-3338 | crash due to a NULL pointer dereference in the dn_nsp_send function | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-3358 | shtp_cl_get_dma_send_buf in drivers/hid/intel-ish-hid/ishtp/dma-if.c lacks check of the return value | linux-libc-dev | 4.19.194-1 | 4.19.282-1 |
MEDIUM | CVE-2023-34256 | Out of bounds read in crc16 in lib/crc16.c | linux-libc-dev | 4.19.194-1 | 4.19.289-1 |
MEDIUM | CVE-2023-37453 | out-of-bounds read in read_descriptors | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-37454 | use-after-free write in udf_close_lvid | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-3772 | NULL pointer dereference in xfrm_update_ae_params() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-3863 | use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-39189 | nftables out-of-bounds read in nf_osf_match_one() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-39192 | xtables out-of-bounds read in u32_match_it() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-39193 | xtables sctp out-of-bounds read in match_flags() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-39194 | out-of-bounds read in __xfrm_state_filter_match() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4010 | malformed USB descriptor leads to infinite loop in usb_giveback_urb() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4132 | use-after-free caused by do_submit_urb() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4133 | use-after-free in ch_flower_stats_cb() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4194 | correctly initialize socket uid next fix of i_uid to current_fsuid | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4273 | stack overflow in exfat_get_uniname_from_ext_entry | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-42754 | NULL pointer dereference in ipv4_send_dest_unreach() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-42755 | out-of-bounds read in rsvp_classify() | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4385 | NULL pointer dereference in dbFree() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2023-4459 | NULL pointer dereference in vmxnet3_rq_cleanup() | linux-libc-dev | 4.19.194-1 | 4.19.249-1 |
MEDIUM | CVE-2023-4569 | information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-45863 | lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write | linux-libc-dev | 4.19.194-1 | |
MEDIUM | CVE-2023-4641 | possible password leak during passwd(1) change | login | 1:4.5-1.1 | |
MEDIUM | CVE-2021-2372 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-2389 | mysql: InnoDB unspecified vulnerability (CPU Jul 2021) | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-35604 | mysql: InnoDB unspecified vulnerability (CPU Oct 2021) | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46657 | mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46658 | mariadb: save_window_function_values triggers an abort during IN subquery | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46659 | mariadb: Crash executing query with VIEW, aggregate and subquery | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46661 | mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an u | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46662 | mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46663 | mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT state | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46664 | mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL v | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46665 | mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_ta | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46666 | mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.31-0+deb10u1 |
MEDIUM | CVE-2021-46667 | mariadb: Integer overflow in sql_lex.cc integer leading to crash | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2021-46668 | mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT stateme | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-21427 | mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-31621 | mariadb: improper locking due to unreleased lock in the ds_xbstream.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31622 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31623 | mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-31624 | mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.34-0+deb10u1 |
MEDIUM | CVE-2022-38791 | compress_write() fails to release mutex on failure | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.36-0+deb10u1 |
MEDIUM | CVE-2022-47015 | print_warnings() | mariadb-common | 1:10.3.29-0+deb10u1 | 1:10.3.39-0+deb10u1 |
MEDIUM | CVE-2020-19189 | 997 | ncurses-base | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2020-19189 | 997 | ncurses-bin | 6.1+20181013-2+deb10u2 | 6.1+20181013-2+deb10u4 |
MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | openssl | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u8 |
MEDIUM | CVE-2022-2097 | AES OCB fails to encrypt some bytes | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2022-4304 | timing attack in RSA Decryption implementation | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u4 |
MEDIUM | CVE-2023-0465 | Invalid certificate policies in leaf certificates are silently ignored | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-0466 | Certificate policy check not enabled | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-2650 | Possible DoS translating ASN.1 object identifiers | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u5 |
MEDIUM | CVE-2023-3446 | Excessive time spent checking DH keys and parameters | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2023-3817 | Excessive time spent checking DH q parameter value | openssl | 1.1.1d-0+deb10u6 | 1.1.1n-0+deb10u6 |
MEDIUM | CVE-2023-4641 | possible password leak during passwd(1) change | passwd | 1:4.5-1.1 | |
MEDIUM | CVE-2023-4016 | ps buffer overflow | procps | 2:3.3.15-2 | |
MEDIUM | CVE-2020-8492 | wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | python2.7 | 2.7.16-2+deb10u1 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | python2.7 | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2020-8492 | wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u2 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | python2.7-minimal | 2.7.16-2+deb10u1 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | python2.7-minimal | 2.7.16-2+deb10u1 | 2.7.16-2+deb10u3 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | python3.7 | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2021-3426 | python: Information disclosure via pydoc | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2022-48564 | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | python3.7 | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | python3.7 | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2021-23336 | Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in que | python3.7-minimal | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2021-3426 | python: Information disclosure via pydoc | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-3733 | python: urllib: Regular expression DoS in AbstractBasicAuthHandler | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2021-4189 | ftplib should not use the host from the PASV response | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u5 |
MEDIUM | CVE-2022-48564 | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2022-48566 | constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2023-27043 | Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | python3.7-minimal | 3.7.3-2+deb10u3 | |
MEDIUM | CVE-2023-40217 | TLS handshake bypass | python3.7-minimal | 3.7.3-2+deb10u3 | 3.7.3-2+deb10u6 |
MEDIUM | CVE-2021-28544 | SVN authz protected copyfrom paths regression | subversion | 1.10.4-1+deb10u2 | 1.10.4-1+deb10u3 |
MEDIUM | CVE-2022-0529 | Heap out-of-bound writes and reads during conversion of wide string to local string | unzip | 6.0-23+deb10u2 | 6.0-23+deb10u3 |
MEDIUM | CVE-2022-0530 | SIGSEGV during the conversion of an utf-8 string to a local string | unzip | 6.0-23+deb10u2 | 6.0-23+deb10u3 |
MEDIUM | CVE-2021-31879 | authorization header disclosure on redirect | wget | 1.20.1-1.1 | |
MEDIUM | CVE-2022-23491 | untrusted root certificates | certifi | 2021.10.8 | 2022.12.07 |
MEDIUM | CVE-2023-23931 | memory corruption via immutable objects | cryptography | 38.0.4 | 39.0.1 |
MEDIUM | CVE-2023-32681 | Unintended leak of Proxy-Authorization header | requests | 2.26.0 | 2.31.0 |
MEDIUM | CVE-2023-43804 | Cookie request header isn't stripped during cross-origin redirects | urllib3 | 1.26.14 | 2.0.6, 1.26.17 |
MEDIUM | CVE-2023-45803 | urllib3 is a user-friendly HTTP client library for Python. urllib3 pre ... | urllib3 | 1.26.14 | 2.0.7, 1.26.18 |
LOW | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | apt | 1.8.2.3 | |
LOW | CVE-2019-18276 | when effective UID is not equal to its real UID the saved UID is not dropped | bash | 5.0-4 | |
LOW | CVE-2017-13716 | binutils: Memory leak with the C++ symbol demangler routine in libiberty | binutils | 2.31.1-16 | |
LOW | CVE-2018-1000876 | integer overflow leads to heap-based buffer overflow in objdump | binutils | 2.31.1-16 | |
LOW | CVE-2018-12697 | binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. | binutils | 2.31.1-16 | |
LOW | CVE-2018-12698 | binutils: excessive memory consumption in demangle_template in cplus-dem.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-12699 | binutils: heap-based buffer overflow in finish_stab in stabs.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-12934 | binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-17358 | binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-17359 | binutils: invalid memory access in bfd_zalloc in opncls.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-17360 | binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-17794 | binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in | binutils | 2.31.1-16 | |
LOW | CVE-2018-17985 | binutils: Stack consumption problem caused by the cplus_demangle_type | binutils | 2.31.1-16 | |
LOW | CVE-2018-18309 | binutils: invalid memory address dereference in read_reloc in reloc.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-18483 | binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service | binutils | 2.31.1-16 | |
LOW | CVE-2018-18484 | binutils: Stack exhaustion in cp-demangle.c allows for denial of service | binutils | 2.31.1-16 | |
LOW | CVE-2018-18605 | binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-18606 | binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-18607 | binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-18700 | binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang | binutils | 2.31.1-16 | |
LOW | CVE-2018-18701 | binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-19931 | binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser | binutils | 2.31.1-16 | |
LOW | CVE-2018-19932 | binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service | binutils | 2.31.1-16 | |
LOW | CVE-2018-20002 | binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c | binutils | 2.31.1-16 | |
LOW | CVE-2018-20623 | Use-after-free in the error function | binutils | 2.31.1-16 | |
LOW | CVE-2018-20651 | binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of | binutils | 2.31.1-16 | |
LOW | CVE-2018-20671 | Integer overflow in load_specific_debug_section function | binutils | 2.31.1-16 | |
LOW | CVE-2018-20673 | libiberty: Integer overflow in demangle_template() function | binutils | 2.31.1-16 | |
LOW | CVE-2018-20712 | libiberty: heap-based buffer over-read in d_expression_1 | binutils | 2.31.1-16 | |
LOW | CVE-2018-9138 | binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty | binutils | 2.31.1-16 | |
LOW | CVE-2018-9996 | binutils: Stack-overflow in libiberty/cplus-dem.c causes crash | binutils | 2.31.1-16 | |
LOW | CVE-2019-1010180 | gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code | binutils | 2.31.1-16 | |
LOW | CVE-2019-1010204 | Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el | binutils | 2.31.1-16 | |
LOW | CVE-2019-12972 | binutils: out-of-bounds read in setup_group in bfd/elf.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-14250 | binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow | binutils | 2.31.1-16 | |
LOW | CVE-2019-14444 | binutils: integer overflow in function apply_relocation in readelf.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-17450 | binutils: denial of service via crafted ELF file | binutils | 2.31.1-16 | |
LOW | CVE-2019-17451 | binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9070 | binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9071 | binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9073 | binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9074 | out-of-bound read in function bfd_getl32 in libbfd.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9075 | heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c | binutils | 2.31.1-16 | |
LOW | CVE-2019-9077 | heap-based buffer overflow in function process_mips_specific in readelf.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-16590 | binutils: double free vulnerability in process_symbol_table could result in DoS | binutils | 2.31.1-16 | |
LOW | CVE-2020-16591 | binutils: invalid read in process_symbol_table could result in DoS | binutils | 2.31.1-16 | |
LOW | CVE-2020-16592 | binutils: use-after-free in bfd_hash_lookup could result in DoS | binutils | 2.31.1-16 | |
LOW | CVE-2020-16593 | binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS | binutils | 2.31.1-16 | |
LOW | CVE-2020-16599 | binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS | binutils | 2.31.1-16 | |
LOW | CVE-2020-19724 | memory leak in get_data() in nm.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-19726 | heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-21490 | memory leak in get_field() in microblaze-dis.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-35342 | uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-35448 | binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v | binutils | 2.31.1-16 | |
LOW | CVE-2020-35493 | heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil | binutils | 2.31.1-16 | |
LOW | CVE-2020-35494 | usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-35495 | NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-35496 | NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c | binutils | 2.31.1-16 | |
LOW | CVE-2020-35507 | NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c | binutils | 2.31.1-16 | |
LOW | CVE-2021-20197 | Race window allows users to own arbitrary files | binutils | 2.31.1-16 | |
LOW | CVE-2021-20284 | binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c | binutils | 2.31.1-16 | |
LOW | CVE-2021-20294 | stack buffer overflow WRITE may lead to a DoS via a crafted ELF | binutils | 2.31.1-16 | |
LOW | CVE-2021-32256 | stack-overflow issue in demangle_type in rust-demangle.c. | binutils | 2.31.1-16 | |
LOW | CVE-2021-3487 | Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() | binutils | 2.31.1-16 | |
LOW | CVE-2021-3530 | binutils: stack memory exhaustion in demangle_path() in rust-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2021-3549 | binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para | binutils | 2.31.1-16 | |
LOW | CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2021-45078 | out-of-bounds write in stab_xcoff_builtin_type() in stabs.c | binutils | 2.31.1-16 | |
LOW | CVE-2021-46174 | heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump | binutils | 2.31.1-16 | |
LOW | CVE-2021-46195 | uncontrolled recursion in libiberty/rust-demangle.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-35205 | reachable assertion in display_debug_names() in dwarf.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-35206 | NULL pointer dereference in read_and_display_attr_value() in dwarf.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-38533 | heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted fi | binutils | 2.31.1-16 | |
LOW | CVE-2022-4285 | NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault | binutils | 2.31.1-16 | |
LOW | CVE-2022-44840 | heap-based buffer overflow in find_section_in_set() in readelf.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-45703 | heap-based buffer overflow in display_debug_section() in readelf.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47007 | memory leak in stab_demangle_v3_arg() in stabs.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47008 | memory leak in make_tempdir() and make_tempname() in bucomm.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47010 | memory leak in pr_function_type() in prdbg.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47011 | memory leak in parse_stab_struct_fields() in stabs.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47673 | out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line | binutils | 2.31.1-16 | |
LOW | CVE-2022-47695 | uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-47696 | segmentation fault in compare_symbols() in objdump.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-48063 | excessive memory consumption in load_separate_debug_files() in dwarf.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-48064 | excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c | binutils | 2.31.1-16 | |
LOW | CVE-2022-48065 | memory leak in find_abstract_instance() in dwarf2.c | binutils | 2.31.1-16 | |
LOW | CVE-2023-1579 | Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 | binutils | 2.31.1-16 | |
LOW | CVE-2023-1972 | Illegal memory access when accessing a zer0-lengthverdef table | binutils | 2.31.1-16 | |
LOW | CVE-2023-25584 | Out of bounds read in parse_module function in bfd/vms-alpha.c | binutils | 2.31.1-16 | |
LOW | CVE-2023-25585 | Field file_table of struct module *module is uninitialized |
binutils | 2.31.1-16 | |
LOW | CVE-2023-25586 | Local variable ch_type in function bfd_init_section_decompress_status can be uninitialized |
binutils | 2.31.1-16 | |
LOW | CVE-2023-25588 | Field the_bfd of asymbol is uninitialized in function bfd_mach_o_get_synthetic_symtab
|
binutils | 2.31.1-16 | |
LOW | CVE-2017-13716 | binutils: Memory leak with the C++ symbol demangler routine in libiberty | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-1000876 | integer overflow leads to heap-based buffer overflow in objdump | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-12697 | binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-12698 | binutils: excessive memory consumption in demangle_template in cplus-dem.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-12699 | binutils: heap-based buffer overflow in finish_stab in stabs.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-12934 | binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-17358 | binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-17359 | binutils: invalid memory access in bfd_zalloc in opncls.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-17360 | binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-17794 | binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-17985 | binutils: Stack consumption problem caused by the cplus_demangle_type | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18309 | binutils: invalid memory address dereference in read_reloc in reloc.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18483 | binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18484 | binutils: Stack exhaustion in cp-demangle.c allows for denial of service | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18605 | binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18606 | binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18607 | binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18700 | binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-18701 | binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-19931 | binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-19932 | binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20002 | binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20623 | Use-after-free in the error function | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20651 | binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20671 | Integer overflow in load_specific_debug_section function | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20673 | libiberty: Integer overflow in demangle_template() function | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-20712 | libiberty: heap-based buffer over-read in d_expression_1 | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-9138 | binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty | binutils-common | 2.31.1-16 | |
LOW | CVE-2018-9996 | binutils: Stack-overflow in libiberty/cplus-dem.c causes crash | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-1010180 | gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-1010204 | Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-12972 | binutils: out-of-bounds read in setup_group in bfd/elf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-14250 | binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-14444 | binutils: integer overflow in function apply_relocation in readelf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-17450 | binutils: denial of service via crafted ELF file | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-17451 | binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9070 | binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9071 | binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9073 | binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9074 | out-of-bound read in function bfd_getl32 in libbfd.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9075 | heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2019-9077 | heap-based buffer overflow in function process_mips_specific in readelf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-16590 | binutils: double free vulnerability in process_symbol_table could result in DoS | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-16591 | binutils: invalid read in process_symbol_table could result in DoS | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-16592 | binutils: use-after-free in bfd_hash_lookup could result in DoS | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-16593 | binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-16599 | binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-19724 | memory leak in get_data() in nm.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-19726 | heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-21490 | memory leak in get_field() in microblaze-dis.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35342 | uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35448 | binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35493 | heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35494 | usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35495 | NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35496 | NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2020-35507 | NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-20197 | Race window allows users to own arbitrary files | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-20284 | binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-20294 | stack buffer overflow WRITE may lead to a DoS via a crafted ELF | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-32256 | stack-overflow issue in demangle_type in rust-demangle.c. | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-3487 | Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-3530 | binutils: stack memory exhaustion in demangle_path() in rust-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-3549 | binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-45078 | out-of-bounds write in stab_xcoff_builtin_type() in stabs.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-46174 | heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump | binutils-common | 2.31.1-16 | |
LOW | CVE-2021-46195 | uncontrolled recursion in libiberty/rust-demangle.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-35205 | reachable assertion in display_debug_names() in dwarf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-35206 | NULL pointer dereference in read_and_display_attr_value() in dwarf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-38533 | heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted fi | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-4285 | NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-44840 | heap-based buffer overflow in find_section_in_set() in readelf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-45703 | heap-based buffer overflow in display_debug_section() in readelf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47007 | memory leak in stab_demangle_v3_arg() in stabs.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47008 | memory leak in make_tempdir() and make_tempname() in bucomm.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47010 | memory leak in pr_function_type() in prdbg.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47011 | memory leak in parse_stab_struct_fields() in stabs.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47673 | out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47695 | uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-47696 | segmentation fault in compare_symbols() in objdump.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-48063 | excessive memory consumption in load_separate_debug_files() in dwarf.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-48064 | excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2022-48065 | memory leak in find_abstract_instance() in dwarf2.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2023-1579 | Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 | binutils-common | 2.31.1-16 | |
LOW | CVE-2023-1972 | Illegal memory access when accessing a zer0-lengthverdef table | binutils-common | 2.31.1-16 | |
LOW | CVE-2023-25584 | Out of bounds read in parse_module function in bfd/vms-alpha.c | binutils-common | 2.31.1-16 | |
LOW | CVE-2023-25585 | Field file_table of struct module *module is uninitialized |
binutils-common | 2.31.1-16 | |
LOW | CVE-2023-25586 | Local variable ch_type in function bfd_init_section_decompress_status can be uninitialized |
binutils-common | 2.31.1-16 | |
LOW | CVE-2023-25588 | Field the_bfd of asymbol is uninitialized in function bfd_mach_o_get_synthetic_symtab
|
binutils-common | 2.31.1-16 | |
LOW | CVE-2017-13716 | binutils: Memory leak with the C++ symbol demangler routine in libiberty | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-1000876 | integer overflow leads to heap-based buffer overflow in objdump | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-12697 | binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-12698 | binutils: excessive memory consumption in demangle_template in cplus-dem.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-12699 | binutils: heap-based buffer overflow in finish_stab in stabs.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-12934 | binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-17358 | binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-17359 | binutils: invalid memory access in bfd_zalloc in opncls.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-17360 | binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-17794 | binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-17985 | binutils: Stack consumption problem caused by the cplus_demangle_type | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18309 | binutils: invalid memory address dereference in read_reloc in reloc.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18483 | binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18484 | binutils: Stack exhaustion in cp-demangle.c allows for denial of service | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18605 | binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18606 | binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18607 | binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18700 | binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-18701 | binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-19931 | binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-19932 | binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20002 | binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20623 | Use-after-free in the error function | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20651 | binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20671 | Integer overflow in load_specific_debug_section function | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20673 | libiberty: Integer overflow in demangle_template() function | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-20712 | libiberty: heap-based buffer over-read in d_expression_1 | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-9138 | binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2018-9996 | binutils: Stack-overflow in libiberty/cplus-dem.c causes crash | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-1010180 | gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-1010204 | Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-12972 | binutils: out-of-bounds read in setup_group in bfd/elf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-14250 | binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-14444 | binutils: integer overflow in function apply_relocation in readelf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-17450 | binutils: denial of service via crafted ELF file | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-17451 | binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9070 | binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9071 | binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9073 | binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9074 | out-of-bound read in function bfd_getl32 in libbfd.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9075 | heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2019-9077 | heap-based buffer overflow in function process_mips_specific in readelf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-16590 | binutils: double free vulnerability in process_symbol_table could result in DoS | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-16591 | binutils: invalid read in process_symbol_table could result in DoS | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-16592 | binutils: use-after-free in bfd_hash_lookup could result in DoS | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-16593 | binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-16599 | binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-19724 | memory leak in get_data() in nm.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-19726 | heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-21490 | memory leak in get_field() in microblaze-dis.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35342 | uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35448 | binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35493 | heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35494 | usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35495 | NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35496 | NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2020-35507 | NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-20197 | Race window allows users to own arbitrary files | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-20284 | binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-20294 | stack buffer overflow WRITE may lead to a DoS via a crafted ELF | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-32256 | stack-overflow issue in demangle_type in rust-demangle.c. | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-3487 | Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-3530 | binutils: stack memory exhaustion in demangle_path() in rust-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-3549 | binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-45078 | out-of-bounds write in stab_xcoff_builtin_type() in stabs.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-46174 | heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-46195 | uncontrolled recursion in libiberty/rust-demangle.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-35205 | reachable assertion in display_debug_names() in dwarf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-35206 | NULL pointer dereference in read_and_display_attr_value() in dwarf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-38533 | heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted fi | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-4285 | NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-44840 | heap-based buffer overflow in find_section_in_set() in readelf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-45703 | heap-based buffer overflow in display_debug_section() in readelf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47007 | memory leak in stab_demangle_v3_arg() in stabs.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47008 | memory leak in make_tempdir() and make_tempname() in bucomm.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47010 | memory leak in pr_function_type() in prdbg.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47011 | memory leak in parse_stab_struct_fields() in stabs.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47673 | out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47695 | uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-47696 | segmentation fault in compare_symbols() in objdump.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-48063 | excessive memory consumption in load_separate_debug_files() in dwarf.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-48064 | excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2022-48065 | memory leak in find_abstract_instance() in dwarf2.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-1579 | Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-1972 | Illegal memory access when accessing a zer0-lengthverdef table | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-25584 | Out of bounds read in parse_module function in bfd/vms-alpha.c | binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-25585 | Field file_table of struct module *module is uninitialized |
binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-25586 | Local variable ch_type in function bfd_init_section_decompress_status can be uninitialized |
binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2023-25588 | Field the_bfd of asymbol is uninitialized in function bfd_mach_o_get_synthetic_symtab
|
binutils-x86-64-linux-gnu | 2.31.1-16 | |
LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | bsdutils | 1:2.33.1-0.1 | |
LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | bsdutils | 1:2.33.1-0.1 | |
LOW | CVE-2016-2781 | coreutils: Non-privileged session can escape to the parent session in chroot | coreutils | 8.30-3 | |
LOW | CVE-2017-18018 | coreutils: race condition vulnerability in chown and chgrp | coreutils | 8.30-3 | |
LOW | CVE-2020-19909 | Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... | curl | 7.64.0-4+deb10u2 | |
LOW | CVE-2021-22898 | TELNET stack contents disclosure | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
LOW | CVE-2021-22922 | Content not matching hash in Metalink is not being discarded | curl | 7.64.0-4+deb10u2 | |
LOW | CVE-2021-22923 | Metalink download sends credentials | curl | 7.64.0-4+deb10u2 | |
LOW | CVE-2021-22924 | Bad connection reuse due to flawed path name checks | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u3 |
LOW | CVE-2022-35252 | Incorrect handling of control code characters in cookies | curl | 7.64.0-4+deb10u2 | 7.64.0-4+deb10u4 |
LOW | CVE-2023-28320 | siglongjmp race condition may lead to crash | curl | 7.64.0-4+deb10u2 | |
LOW | CVE-2023-28322 | more POST-after-PUT confusion | curl | 7.64.0-4+deb10u2 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | dirmngr | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | dirmngr | 2.2.12-1+deb10u1 | |
LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | fdisk | 2.33.1-0.1 | |
LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | fdisk | 2.33.1-0.1 | |
LOW | CVE-2018-1000021 | client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to pot | git | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2022-24975 | git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" | git | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2023-25815 | malicious placement of crafted messages when git was compiled with runtime prefix | git | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2018-1000021 | client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to pot | git-man | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2022-24975 | git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" | git-man | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2023-25815 | malicious placement of crafted messages when git was compiled with runtime prefix | git-man | 1:2.20.1-2+deb10u3 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gnupg | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg-l10n | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gnupg-l10n | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg-utils | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gnupg-utils | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpg | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpg | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpg-agent | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpg-agent | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpg-wks-client | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpg-wks-client | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpg-wks-server | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpg-wks-server | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgconf | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpgconf | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgsm | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpgsm | 2.2.12-1+deb10u1 | |
LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgv | 2.2.12-1+deb10u1 | |
LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpgv | 2.2.12-1+deb10u1 | |
LOW | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2008-3134 | GraphicsMagick/ImageMagick: multiple crash or DoS issues | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2016-8678 | ImageMagick: Heap-buffer overflow in IsPixelMonochrome | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11754 | ImageMagick: Memory leak in WritePICONImage function | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11755 | ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-7275 | ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2018-15607 | ImageMagick: CPU Exhaustion via crafted input file | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-13310 | memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-16709 | ImageMagick: memory leak in coders/dps.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-25666 | ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-25675 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27560 | ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27751 | ImageMagick: integer overflow in MagickCore/quantum-export.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27753 | ImageMagick: memory leaks in AcquireMagickMemory function | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27754 | ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27755 | ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27757 | ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27758 | ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27759 | ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27761 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27763 | ImageMagick: division by zero at MagickCore/resize.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27764 | outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27765 | ImageMagick: division by zero at MagickCore/segment.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27767 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27768 | ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27769 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27771 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27772 | ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27773 | ImageMagick: division by zero at MagickCore/gem-private.h | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27774 | ImageMagick: integer overflow at MagickCore/statistic.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27775 | ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27776 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-20311 | ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2021-3574 | ImageMagick: memory leaks with convert command | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-39212 | ImageMagick: possible read or write in postscript files | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW | CVE-2023-34152 | RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured | imagemagick | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2008-3134 | GraphicsMagick/ImageMagick: multiple crash or DoS issues | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2016-8678 | ImageMagick: Heap-buffer overflow in IsPixelMonochrome | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11754 | ImageMagick: Memory leak in WritePICONImage function | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11755 | ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-7275 | ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2018-15607 | ImageMagick: CPU Exhaustion via crafted input file | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-13310 | memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-16709 | ImageMagick: memory leak in coders/dps.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-25666 | ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-25675 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27560 | ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27751 | ImageMagick: integer overflow in MagickCore/quantum-export.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27753 | ImageMagick: memory leaks in AcquireMagickMemory function | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27754 | ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27755 | ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27757 | ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27758 | ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27759 | ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27761 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27763 | ImageMagick: division by zero at MagickCore/resize.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27764 | outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27765 | ImageMagick: division by zero at MagickCore/segment.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27767 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27768 | ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27769 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27771 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27772 | ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27773 | ImageMagick: division by zero at MagickCore/gem-private.h | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27774 | ImageMagick: integer overflow at MagickCore/statistic.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27775 | ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27776 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-20311 | ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2021-3574 | ImageMagick: memory leaks with convert command | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-39212 | ImageMagick: possible read or write in postscript files | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW | CVE-2023-34152 | RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured | imagemagick-6-common | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2008-3134 | GraphicsMagick/ImageMagick: multiple crash or DoS issues | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2016-8678 | ImageMagick: Heap-buffer overflow in IsPixelMonochrome | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11754 | ImageMagick: Memory leak in WritePICONImage function | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-11755 | ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2017-7275 | ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866) | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2018-15607 | ImageMagick: CPU Exhaustion via crafted input file | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-13310 | memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2019-16709 | ImageMagick: memory leak in coders/dps.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-25666 | ImageMagick: outside the range of representable values of type int and signed integer overflow in Ma | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-25675 | ImageMagick: outside the range of representable values of type 'long' and integer overflow at Magick | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27560 | ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27751 | ImageMagick: integer overflow in MagickCore/quantum-export.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27753 | ImageMagick: memory leaks in AcquireMagickMemory function | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27754 | ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27755 | ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2020-27757 | ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/qu | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27758 | ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27759 | ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27761 | ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27763 | ImageMagick: division by zero at MagickCore/resize.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27764 | outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27765 | ImageMagick: division by zero at MagickCore/segment.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27767 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27768 | ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum- | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27769 | ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27771 | ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27772 | ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27773 | ImageMagick: division by zero at MagickCore/gem-private.h | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27774 | ImageMagick: integer overflow at MagickCore/statistic.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27775 | ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2020-27776 | ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statist | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-20311 | ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2021-3574 | ImageMagick: memory leaks with convert command | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u2 |
LOW | CVE-2021-39212 | ImageMagick: possible read or write in postscript files | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | 8:6.9.10.23+dfsg-2.1+deb10u5 |
LOW | CVE-2023-34152 | RCE (shell command injection) vulnerability in OpenBlob with --enable-pipes configured | imagemagick-6.q16 | 8:6.9.10.23+dfsg-2.1+deb10u1 | |
LOW | CVE-2018-5709 | krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c | krb5-multidev | 1.17-3+deb10u1 | |
LOW | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | libapt-pkg5.0 | 1.8.2.3 | |
LOW | CVE-2017-13716 | binutils: Memory leak with the C++ symbol demangler routine in libiberty | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-1000876 | integer overflow leads to heap-based buffer overflow in objdump | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-12697 | binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-12698 | binutils: excessive memory consumption in demangle_template in cplus-dem.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-12699 | binutils: heap-based buffer overflow in finish_stab in stabs.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-12934 | binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-17358 | binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-17359 | binutils: invalid memory access in bfd_zalloc in opncls.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-17360 | binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-17794 | binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted in | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-17985 | binutils: Stack consumption problem caused by the cplus_demangle_type | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18309 | binutils: invalid memory address dereference in read_reloc in reloc.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18483 | binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18484 | binutils: Stack exhaustion in cp-demangle.c allows for denial of service | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18605 | binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18606 | binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18607 | binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18700 | binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demang | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-18701 | binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-19931 | binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of ser | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-19932 | binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20002 | binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20623 | Use-after-free in the error function | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20651 | binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20671 | Integer overflow in load_specific_debug_section function | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20673 | libiberty: Integer overflow in demangle_template() function | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-20712 | libiberty: heap-based buffer over-read in d_expression_1 | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-9138 | binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty | libbinutils | 2.31.1-16 | |
LOW | CVE-2018-9996 | binutils: Stack-overflow in libiberty/cplus-dem.c causes crash | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-1010180 | gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-1010204 | Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and el | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-12972 | binutils: out-of-bounds read in setup_group in bfd/elf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-14250 | binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-14444 | binutils: integer overflow in function apply_relocation in readelf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-17450 | binutils: denial of service via crafted ELF file | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-17451 | binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9070 | binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9071 | binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9073 | binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9074 | out-of-bound read in function bfd_getl32 in libbfd.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9075 | heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2019-9077 | heap-based buffer overflow in function process_mips_specific in readelf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-16590 | binutils: double free vulnerability in process_symbol_table could result in DoS | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-16591 | binutils: invalid read in process_symbol_table could result in DoS | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-16592 | binutils: use-after-free in bfd_hash_lookup could result in DoS | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-16593 | binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-16599 | binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-19724 | memory leak in get_data() in nm.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-19726 | heap-based buffer overflow in bfd_getl32() in bfd/libbfd.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-21490 | memory leak in get_field() in microblaze-dis.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35342 | uninitialized heap memory in tic4x_print_cond() in opcodes/tic4x-dis.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35448 | binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35493 | heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF fil | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35494 | usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35495 | NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35496 | NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2020-35507 | NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-20197 | Race window allows users to own arbitrary files | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-20284 | binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-20294 | stack buffer overflow WRITE may lead to a DoS via a crafted ELF | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-32256 | stack-overflow issue in demangle_type in rust-demangle.c. | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-3487 | Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-3530 | binutils: stack memory exhaustion in demangle_path() in rust-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-3549 | binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-45078 | out-of-bounds write in stab_xcoff_builtin_type() in stabs.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-46174 | heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump | libbinutils | 2.31.1-16 | |
LOW | CVE-2021-46195 | uncontrolled recursion in libiberty/rust-demangle.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-35205 | reachable assertion in display_debug_names() in dwarf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-35206 | NULL pointer dereference in read_and_display_attr_value() in dwarf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-38533 | heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted fi | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-4285 | NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-44840 | heap-based buffer overflow in find_section_in_set() in readelf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-45703 | heap-based buffer overflow in display_debug_section() in readelf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47007 | memory leak in stab_demangle_v3_arg() in stabs.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47008 | memory leak in make_tempdir() and make_tempname() in bucomm.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47010 | memory leak in pr_function_type() in prdbg.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47011 | memory leak in parse_stab_struct_fields() in stabs.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47673 | out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47695 | uninitialized field in bfd_mach_o_get_synthetic_symtab() in match-o.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-47696 | segmentation fault in compare_symbols() in objdump.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-48063 | excessive memory consumption in load_separate_debug_files() in dwarf.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-48064 | excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2022-48065 | memory leak in find_abstract_instance() in dwarf2.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2023-1579 | Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 | libbinutils | 2.31.1-16 | |
LOW | CVE-2023-1972 | Illegal memory access when accessing a zer0-lengthverdef table | libbinutils | 2.31.1-16 | |
LOW | CVE-2023-25584 | Out of bounds read in parse_module function in bfd/vms-alpha.c | libbinutils | 2.31.1-16 | |
LOW | CVE-2023-25585 | Field file_table of struct module *module is uninitialized |
libbinutils | 2.31.1-16 | |
LOW | CVE-2023-25586 | Local variable ch_type in function bfd_init_section_decompress_status can be uninitialized |
libbinutils | 2.31.1-16 | |
LOW | CVE-2023-25588 | Field the_bfd of asymbol is uninitialized in function bfd_mach_o_get_synthetic_symtab
|
libbinutils | 2.31.1-16 | |
LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libblkid-dev | 2.33.1-0.1 | |
LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libblkid-dev | 2.33.1-0.1 | |
LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libblkid1 | 2.33.1-0.1 | |
LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libblkid1 | 2.33.1-0.1 | |
LOW | CVE-2016-9797 | buffer over-read in l2cap_dump() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9798 | use-after-free in conf_opt() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9799 | bluez: buffer overflow in pklg_read_hci() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9800 | buffer overflow in pin_code_reply_dump() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9801 | buffer overflow in set_ext_ctrl() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9802 | bluez: buffer over-read in l2cap_packet() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9803 | bluez: out-of-bounds read in le_meta_ev_dump() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | CVE-2016-9804 | bluez: buffer overflow in commands_dump() | libbluetooth-dev | 5.50-1.2~deb10u1 | |
LOW | [CVE-2016-9917](ht |