This page lists packages that are affected by issues that are considered unimportant from a security perspective. These issues are thought to be unexploitable or uneffective in most situations (for example, browser denial-of-services).
Package | Bug | Description | Releases |
---|---|---|---|
9base | CVE-2014-1935 | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results ... | bookworm, bullseye, buster, sid, stretch |
abcm2ps | CVE-2021-32434 | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in th ... | bullseye, buster |
CVE-2021-32436 | An out-of-bounds read in the function write_title() in subs.c of abcm2 ... | bullseye, buster | |
abiword | CVE-2017-17529 | af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ... | bookworm, bullseye, buster, sid, stretch |
acpica-unix | CVE-2017-13693 | The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ... | stretch |
CVE-2017-13694 | The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ... | stretch | |
CVE-2017-13695 | The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the ... | stretch | |
activemq | CVE-2018-8006 | An instance of a cross-site scripting vulnerability was identified to ... | stretch |
CVE-2019-0222 | In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ... | buster | |
CVE-2020-1941 | In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open ... | bullseye, buster, sid, stretch | |
CVE-2020-13947 | An instance of a cross-site scripting vulnerability was identified to ... | bullseye, buster, sid, stretch | |
adns | CVE-2017-9103 | An issue was discovered in adns before 1.5.2. pap_mailbox822 does not ... | buster, stretch |
CVE-2017-9104 | An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if ... | buster, stretch | |
CVE-2017-9105 | An issue was discovered in adns before 1.5.2. It corrupts a pointer wh ... | buster, stretch | |
CVE-2017-9106 | An issue was discovered in adns before 1.5.2. adns_rr_info mishandles ... | buster, stretch | |
CVE-2017-9107 | An issue was discovered in adns before 1.5.2. It overruns reading a bu ... | buster, stretch | |
CVE-2017-9108 | An issue was discovered in adns before 1.5.2. adnshost mishandles a mi ... | buster, stretch | |
CVE-2017-9109 | An issue was discovered in adns before 1.5.2. It fails to ignore appar ... | buster, stretch | |
afflib | CVE-2018-8050 | The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFL ... | stretch |
amanda | CVE-2016-10729 | An issue was discovered in Amanda 3.3.1. A user with backup privileges ... | bullseye, buster, sid, stretch |
CVE-2016-10730 | An issue was discovered in Amanda 3.3.1. A user with backup privileges ... | bullseye, buster, sid, stretch | |
amarok | CVE-2020-13152 | A remote user can create a specially crafted M3U file, media playlist ... | stretch |
android-framework-23 | CVE-2017-0752 | A elevation of privilege vulnerability in the Android framework (windo ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-0822 | An elevation of privilege vulnerability in the Android system (camera) ... | bookworm, bullseye, buster, sid, stretch | |
android-platform-frameworks-base | CVE-2021-39796 | In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there ... | bookworm, bullseye, buster, sid, stretch |
CVE-2022-20011 | In getArray of NotificationManagerService.java , there is a possible l ... | bookworm, bullseye, buster, sid, stretch | |
android-platform-frameworks-native | CVE-2015-3875 | libutils in Android before 5.1.1 LMY48T allows remote attackers to exe ... | bookworm, bullseye, buster, sid, stretch |
CVE-2015-6602 | libutils in Android through 5.1.1 LMY48M allows remote attackers to ex ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2015-6609 | libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ... | bookworm, bullseye, buster, sid, stretch | |
android-platform-system-core | CVE-2012-5564 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-0647 | An information disclosure vulnerability in libziparchive could enable ... | stretch | |
CVE-2017-0841 | A remote code execution vulnerability in the Android system (libutils) ... | bookworm, bullseye, buster, sid, stretch | |
android-tools | CVE-2012-5564 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ... | buster |
ansible | CVE-2017-7550 | A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x bef ... | stretch |
CVE-2020-1734 | A flaw was found in the pipe lookup plugin of ansible. Arbitrary comma ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-1736 | A flaw was found in Ansible Engine when a file is moved using atomic_m ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-1737 | A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9 ... | buster, stretch | |
CVE-2020-1738 | A flaw was found in Ansible Engine when the module package or service ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-14365 | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before ... | stretch | |
ant | CVE-2021-36373 | When reading a specially crafted TAR archive an Apache Ant build can b ... | bullseye, buster, stretch |
CVE-2021-36374 | When reading a specially crafted ZIP archive, or a derived formats, an ... | bullseye, buster, stretch | |
aolserver4 | CVE-2009-4494 | AOLserver 4.5.1 writes data to a log file without sanitizing non-print ... | stretch |
apache2 | CVE-2001-1534 | mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... | bookworm, bullseye, buster, sid, stretch |
CVE-2003-1307 | bookworm, bullseye, buster, sid, stretch | ||
CVE-2003-1580 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2003-1581 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-0086 | bookworm, bullseye, buster, sid, stretch | ||
CVE-2007-1743 | suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-3303 | Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-0456 | CRLF injection vulnerability in the mod_negotiation module in the Apac ... | bookworm, bullseye, buster, sid, stretch | |
apt | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | bookworm, bullseye, buster, sid, stretch |
apt-setup | CVE-2005-2214 | apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ... | bookworm, bullseye, buster, sid, stretch |
asn1c | CVE-2017-12966 | The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1 ... | bookworm, bullseye, buster, sid, stretch |
avahi | CVE-2017-6519 | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ... | buster, stretch |
awffull | CVE-2007-0510 | Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) prese ... | bookworm, bullseye, buster, sid, stretch |
awstats | CVE-2018-10245 | A Full Path Disclosure vulnerability in AWStats through 7.6 allows rem ... | bookworm, bullseye, buster, sid, stretch |
axis | CVE-2007-2353 | Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-0227 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache ... | bookworm, bullseye, buster, sid, stretch | |
banshee | CVE-2009-1175 | Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in th ... | stretch |
bash | CVE-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash th ... | buster, stretch |
TEMP-0841856-B18BAF | Privilege escalation possible to other user than root | bookworm, bullseye, buster, sid, stretch | |
bash-completion | CVE-2018-7738 | In util-linux before 2.32-rc1, bash-completion/umount allows local use ... | bookworm, bullseye, buster, sid, stretch |
bibutils | CVE-2018-10773 | NULL pointer deference in the addsn function in serialno.c in libbibco ... | buster, stretch |
CVE-2018-10774 | Read access violation in the isiin_keyword function in isiin.c in libb ... | buster, stretch | |
CVE-2018-10775 | NULL pointer dereference in the _fields_add function in fields.c in li ... | buster, stretch | |
binaryen | CVE-2019-15758 | An issue was discovered in Binaryen 1.38.32. Missing validation rules ... | buster |
CVE-2019-15759 | An issue was discovered in Binaryen 1.38.32. Two visitors in ir/Expres ... | buster | |
CVE-2021-45290 | A Denial of Service vulnerability exits in Binaryen 103 due to an asse ... | bullseye, buster | |
CVE-2021-45293 | A Denial of Service vulnerability exists in Binaryen 103 due to an Inv ... | bullseye, buster | |
CVE-2021-46048 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid | |
CVE-2021-46050 | A Stack Overflow vulnerability exists in Binaryen 103 via the printf_c ... | bookworm, bullseye, buster, sid | |
CVE-2021-46052 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid | |
CVE-2021-46053 | A Denial of Service vulnerability exists in Binaryen 103. The program ... | bookworm, bullseye, buster, sid | |
CVE-2021-46054 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid | |
CVE-2021-46055 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid | |
bind9 | CVE-2016-6170 | ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x throug ... | stretch |
CVE-2018-5741 | To provide fine-grained controls over the ability to use Dynamic DNS ( ... | stretch | |
binutils | CVE-2017-13716 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-9138 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | buster, stretch | |
CVE-2018-9996 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000 ... | buster, stretch | |
CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in G ... | buster, stretch | |
CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause ... | buster, stretch | |
CVE-2018-12934 | remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-13033 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed ... | stretch | |
CVE-2018-17358 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-17359 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-17360 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-17794 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | buster, stretch | |
CVE-2018-17985 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster, stretch | |
CVE-2018-18309 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-18483 | The get_count function in cplus-dem.c in GNU libiberty, as distributed ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18484 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster, stretch | |
CVE-2018-18605 | A heap-based buffer over-read issue was discovered in the function sec ... | buster, stretch | |
CVE-2018-18606 | An issue was discovered in the merge_strings function in merge.c in th ... | buster, stretch | |
CVE-2018-18607 | An issue was discovered in elf_link_input_bfd in elflink.c in the Bina ... | buster, stretch | |
CVE-2018-18700 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster, stretch | |
CVE-2018-18701 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster, stretch | |
CVE-2018-19931 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-19932 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2018-20002 | The _bfd_generic_read_minisymbols function in syms.c in the Binary Fil ... | buster, stretch | |
CVE-2018-20623 | In GNU Binutils 2.31.1, there is a use-after-free in the error functio ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-20651 | A NULL pointer dereference was discovered in elf_link_add_object_symbo ... | buster, stretch | |
CVE-2018-20671 | load_specific_debug_section in objdump.c in GNU Binutils through 2.31. ... | buster, stretch | |
CVE-2018-20673 | The demangle_template function in cplus-dem.c in GNU libiberty, as dis ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-20712 | A heap-based buffer over-read exists in the function d_expression_1 in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-1000876 | binutils version 2.32 and earlier contains a Integer Overflow vulnerab ... | buster, stretch | |
CVE-2019-9070 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster, stretch | |
CVE-2019-9071 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster, stretch | |
CVE-2019-9073 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2019-9074 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2019-9075 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2019-9077 | An issue was discovered in GNU Binutils 2.32. It is a heap-based buffe ... | buster, stretch | |
CVE-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2019-14250 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster, stretch | |
CVE-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an intege ... | buster, stretch | |
CVE-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) ... | buster, stretch | |
CVE-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster, stretch | |
CVE-2019-1010180 | GNU gdb All versions is affected by: Buffer Overflow - Out of bound me ... | buster, stretch | |
CVE-2019-1010204 | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is aff ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-16590 | A double free vulnerability exists in the Binary File Descriptor (BFD) ... | buster, stretch | |
CVE-2020-16591 | A Denial of Service vulnerability exists in the Binary File Descriptor ... | buster, stretch | |
CVE-2020-16592 | A use after free issue exists in the Binary File Descriptor (BFD) libr ... | buster, stretch | |
CVE-2020-16593 | A Null Pointer Dereference vulnerability exists in the Binary File Des ... | buster, stretch | |
CVE-2020-16599 | A Null Pointer Dereference vulnerability exists in the Binary File Des ... | buster, stretch | |
CVE-2020-35448 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-35493 | A flaw exists in binutils in bfd/pef.c. An attacker who is able to sub ... | buster, stretch | |
CVE-2020-35494 | There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is ab ... | buster, stretch | |
CVE-2020-35495 | There's a flaw in binutils /bfd/pef.c. An attacker who is able to subm ... | buster, stretch | |
CVE-2020-35496 | There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutil ... | buster, stretch | |
CVE-2020-35507 | There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutil ... | buster, stretch | |
CVE-2021-3487 | There's a flaw in the BFD library of binutils in versions before 2.36. ... | bullseye, buster, stretch | |
CVE-2021-3530 | A flaw was discovered in GNU libiberty within demangle_path() in rust- ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-3549 | An out of bounds flaw was found in GNU binutils objdump utility versio ... | bullseye, buster, stretch | |
CVE-2021-20197 | There is an open race window when writing output in the following util ... | bullseye, buster, stretch | |
CVE-2021-20284 | A flaw was found in GNU Binutils 2.35.1, where there is a heap-based b ... | bullseye, buster, stretch | |
CVE-2021-20294 | A flaw was found in binutils readelf 2.35 program. An attacker who is ... | buster, stretch | |
CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows ... | bullseye, buster, stretch | |
CVE-2021-46195 | GCC v12.0 was discovered to contain an uncontrolled recursion via the ... | bookworm, bullseye, buster, sid, stretch | |
bison | CVE-2020-14150 | GNU Bison before 3.5.4 allows attackers to cause a denial of service ( ... | buster, stretch |
blender | CVE-2005-3151 | Buffer overflow in blenderplay in Blender Player 2.37a allows attacker ... | bullseye, buster, sid, stretch |
CVE-2009-3850 | Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execut ... | bullseye, buster, sid, stretch | |
CVE-2010-5105 | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ea ... | bullseye, buster, sid, stretch | |
bluez | CVE-2016-9797 | In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ... | bookworm, bullseye, buster, sid, stretch |
CVE-2016-9798 | In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9799 | In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9800 | In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9801 | In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9802 | In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9803 | In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9804 | In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9917 | In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9918 | In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ... | bookworm, bullseye, buster, sid, stretch | |
bochs | CVE-2007-2894 | The emulated floppy disk controller in Bochs 2.3 allows local users of ... | bookworm, bullseye, buster, sid, stretch |
brandy | CVE-2019-14662 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in f ... | bullseye, buster, stretch |
CVE-2019-14663 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ... | bullseye, buster, stretch | |
CVE-2019-14665 | Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ... | bullseye, buster, stretch | |
CVE-2020-27372 | A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ... | bookworm, bullseye, buster, sid, stretch | |
bubblewrap | CVE-2019-12439 | bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories ... | stretch |
busybox | CVE-2016-6301 | The recv_and_process_client_pkt function in networking/ntpd.c in busyb ... | stretch |
CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-42373 | A NULL pointer dereference in Busybox's man applet leads to denial of ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-42374 | An out-of-bounds heap read in Busybox's unlzma applet leads to informa ... | bookworm, bullseye, buster, sid | |
CVE-2021-42375 | An incorrect handling of a special element in Busybox's ash applet lea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-42376 | A NULL pointer dereference in Busybox's hush applet leads to denial of ... | bookworm, bullseye, buster, sid | |
bwa | CVE-2019-11371 | BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ... | bookworm, bullseye, buster, sid, stretch |
bwm-ng | CVE-2022-1341 | An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write e ... | buster, stretch |
byobu | CVE-2019-7306 | Byobu Apport hook may disclose sensitive information since it automati ... | bookworm, bullseye, buster, sid, stretch |
byzanz | CVE-2015-2785 | The GIF encoder in Byzanz allows remote attackers to cause a denial of ... | bookworm, bullseye, buster, sid, stretch |
cacti | CVE-2009-4112 | Cacti 0.8.7e and earlier allows remote authenticated administrators to ... | stretch |
CVE-2020-7058 | ** DISPUTED ** data_input.php in Cacti 1.2.8 allows remote code execut ... | bookworm, bullseye, buster, sid, stretch | |
cadaver | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, stretch |
CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, stretch | |
calamares | CVE-2019-13178 | modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2. ... | buster |
cantata | CVE-2018-12559 | An issue was discovered in the cantata-mounter D-Bus service in Cantat ... | stretch |
CVE-2018-12560 | An issue was discovered in the cantata-mounter D-Bus service in Cantat ... | stretch | |
CVE-2018-12561 | An issue was discovered in the cantata-mounter D-Bus service in Cantat ... | stretch | |
CVE-2018-12562 | An issue was discovered in the cantata-mounter D-Bus service in Cantat ... | stretch | |
capnproto | CVE-2017-7892 | Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to ... | stretch |
catdoc | CVE-2018-20451 | The process_file function in reader.c in libdoc through 2017-10-23 has ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-20453 | The getlong function in numutils.c in libdoc through 2017-10-23 has a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-7156 | In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-7233 | In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ... | bookworm, bullseye, buster, sid, stretch | |
cflow | CVE-2019-16165 | GNU cflow through 1.6 has a use-after-free in the reference function i ... | bullseye, buster, stretch |
CVE-2019-16166 | GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ... | bullseye, buster, stretch | |
CVE-2020-23856 | Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ... | bullseye, buster, stretch | |
checkinstall | CVE-2020-25031 | checkinstall 1.6.2, when used to create a package that contains a syml ... | bookworm, bullseye, sid, stretch |
chromium-browser | CVE-2008-7246 | Google Chrome 0.2.149.29 and earlier allows remote attackers to cause ... | stretch |
CVE-2009-0374 | stretch | ||
CVE-2009-1598 | Google Chrome executes DOM calls in response to a javascript: URI in t ... | stretch | |
CVE-2010-1384 | Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ... | stretch | |
CVE-2010-1992 | Google Chrome 1.0.154.48 executes a mail application in situations whe ... | stretch | |
CVE-2010-4037 | Unspecified vulnerability in Google Chrome before 7.0.517.41 allows re ... | stretch | |
CVE-2010-4482 | Unspecified vulnerability in Google Chrome before 8.0.552.215 allows r ... | stretch | |
CVE-2011-2599 | Google Chrome 11 does not block use of a cross-domain image as a WebGL ... | stretch | |
CVE-2011-3640 | ** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ... | stretch | |
CVE-2012-5851 | html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chr ... | stretch | |
CVE-2018-6406 | The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libw ... | stretch | |
CVE-2018-6548 | A use-after-free issue was discovered in libwebm through 2018-02-02. I ... | stretch | |
chrony | CVE-2020-14367 | A flaw was found in chrony versions before 3.5.1 when creating the PID ... | stretch |
cifs-utils | CVE-2014-2830 | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ... | bookworm, bullseye, buster, sid, stretch |
civetweb | CVE-2020-27304 | The CivetWeb web library does not validate uploaded filepaths when run ... | bullseye |
clementine | CVE-2018-14332 | An issue was discovered in Clementine Music Player 1.3.1. Clementine.e ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-40826 | Clementine Music Player through 1.3.1 is vulnerable to a User Mode Wri ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-40827 | Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) ... | bookworm, bullseye, buster, sid, stretch | |
coin3 | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, stretch |
CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, stretch | |
confuse | CVE-2018-19760 | cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. ... | buster, stretch |
conkeror | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | stretch |
context | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, stretch |
coreutils | CVE-2017-18018 | In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does no ... | bookworm, bullseye, buster, sid, stretch |
courier | CVE-2004-2313 | Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ... | bookworm, bullseye, buster, sid, stretch |
CVE-2005-1308 | SqWebMail allows remote attackers to inject arbitrary web script or HT ... | bookworm, bullseye, buster, sid, stretch | |
crossroads | CVE-2018-18654 | Crossroads 2.81 does not properly handle the /tmp directory during a b ... | stretch |
ctn | CVE-2008-5146 | add-accession-numbers in ctn 3.0.6 allows local users to overwrite arb ... | bookworm, bullseye, buster, sid, stretch |
cups | CVE-2014-8166 | The browsing feature in the server in CUPS does not filter ANSI escape ... | bookworm, bullseye, buster, sid, stretch |
curl | CVE-2021-22922 | When curl is instructed to download content using the metalink feature ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-22923 | When curl is instructed to get content using the metalink feature, and ... | bookworm, bullseye, buster, sid, stretch | |
dacs | CVE-2021-29629 | In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before ... | buster |
db4o | CVE-2012-6550 | Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ... | bookworm, bullseye, buster, sid, stretch |
CVE-2013-1808 | Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2014-1869 | Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.s ... | bookworm, bullseye, buster, sid, stretch | |
dcraw | CVE-2013-1438 | Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in lib ... | stretch |
CVE-2018-19565 | A buffer over-read in crop_masked_pixels in dcraw through 9.28 could b ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19566 | A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19567 | A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19568 | A floating point exception in kodak_radc_load_raw in dcraw through 9.2 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19655 | A stack-based buffer overflow in the find_green() function of dcraw th ... | stretch | |
dhcpcd5 | CVE-2014-7913 | The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as ... | stretch |
dia | CVE-2019-19451 | When GNOME Dia before 2019-11-27 is launched with a filename argument ... | bookworm, bullseye, buster, sid, stretch |
dillo | TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, buster, sid, stretch |
dlt-daemon | CVE-2021-29507 | GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interfa ... | bookworm, bullseye, buster, sid |
dmg2img | CVE-2021-3548 | A flaw was found in dmg2img through 20170502. dmg2img did not validate ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-32614 | A flaw was found in dmg2img through 20170502. fill_mishblk() does not ... | bookworm, bullseye, buster, sid, stretch | |
dnsmasq | CVE-2021-45951 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in check_ ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-45952 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_r ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45953 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extrac ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45954 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extrac ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45955 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45956 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in print_ ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45957 | ** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer ... | bookworm, bullseye, buster, sid, stretch | |
dnspython | CVE-2008-1447 | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ... | bookworm, bullseye, buster, sid, stretch |
dnstracer | CVE-2017-9430 | Stack-based buffer overflow in dnstracer through 1.9 allows attackers ... | bookworm, bullseye, buster, sid, stretch |
dogtag-pki | CVE-2015-0234 | Multiple temporary file creation vulnerabilities in pki-core 10.2.0. ... | bookworm, bullseye, sid |
dokuwiki | CVE-2016-7965 | DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ... | bookworm, bullseye, buster, sid |
dovecot | CVE-2008-4870 | dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ... | bookworm, bullseye, buster, sid, stretch |
dpkg-cross | CVE-2008-4950 | ** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overw ... | bookworm, bullseye, buster, sid, stretch |
dropbear | CVE-2020-36254 | scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ... | buster, stretch |
drupal7 | CVE-2007-6752 | ** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drup ... | stretch |
duo-unix | CVE-2020-12135 | bson before 0.8 incorrectly uses int rather than size_t for many varia ... | bookworm, bullseye, buster, sid, stretch |
edk2 | CVE-2014-4859 | Integer overflow in the Drive Execution Environment (DXE) phase in the ... | buster, stretch |
CVE-2014-4860 | Multiple integer overflows in the Pre-EFI Initialization (PEI) boot ph ... | buster, stretch | |
CVE-2018-12179 | Improper configuration in system firmware for EDK II may allow unauthe ... | buster, stretch | |
CVE-2018-12182 | Insufficient memory write check in SMM service for EDK II may allow an ... | buster, stretch | |
CVE-2019-0160 | Buffer overflow in system firmware for EDK II may allow unauthenticate ... | stretch | |
CVE-2019-14553 | Improper authentication in EDK II may allow a privileged user to poten ... | buster, stretch | |
CVE-2021-28213 | Example EDK2 encrypted private key in the IpSecDxe.efi present potenti ... | buster, stretch | |
elfutils | CVE-2019-7148 | An attempted excessive memory allocation was discovered in the functio ... | stretch |
epiphany-browser | CVE-2007-1084 | Mozilla Firefox 2.0.0.1 and earlier does not prompt users before savin ... | bookworm, bullseye, buster, sid, stretch |
CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-11396 | ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3 ... | stretch | |
CVE-2018-12016 | libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows rem ... | stretch | |
TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, buster, sid, stretch | |
erlang | CVE-2009-0130 | ** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not proper ... | bookworm, bullseye, buster, sid, stretch |
CVE-2016-1000107 | inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ... | bookworm, bullseye, buster, sid, stretch | |
evolution | CVE-2007-1266 | Evolution 2.8.1 and earlier does not properly use the --status-fd argu ... | bookworm, bullseye, buster, sid, stretch |
CVE-2011-3201 | GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2013-4166 | The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNO ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17689 | The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-3349 | ** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signat ... | bookworm, bullseye, buster, sid, stretch | |
evolution-data-server | CVE-2018-12422 | ** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evol ... | stretch |
exif | CVE-2021-27815 | NULL Pointer Deference in the exif command line tool, when printing ou ... | bookworm, bullseye, buster, sid, stretch |
exiv2 | CVE-2017-11683 | There is a reachable assertion in the Internal::TiffReader::visitDirec ... | buster, stretch |
CVE-2018-14338 | samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-13113 | Exiv2 through 0.27.1 allows an attacker to cause a denial of service ( ... | buster, stretch | |
CVE-2020-18773 | An invalid memory access in the decode function in iptc.cpp of Exiv2 0 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-18774 | A float point exception in the printLong function in tags_int.cpp of E ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-18898 | A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ... | bookworm, bullseye, buster, sid, stretch | |
expat | CVE-2013-0340 | expat 2.1.0 and earlier does not properly handle entities expansion un ... | bullseye, buster, stretch |
faac | CVE-2018-19886 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch |
CVE-2018-19887 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch | |
CVE-2018-19888 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch | |
CVE-2018-19889 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch | |
CVE-2018-19890 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch | |
CVE-2018-19891 | An invalid memory address dereference was discovered in the huffcode f ... | buster, stretch | |
faust | CVE-2021-32275 | An issue was discovered in faust through v2.30.5. A NULL pointer deref ... | bookworm, bullseye, buster, sid, stretch |
fetchmail | CVE-2021-36386 | report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits i ... | buster, stretch |
ffmpeg | CVE-2020-20445 | FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, ... | bookworm, sid |
CVE-2020-20450 | FFmpeg 4.2 is affected by null pointer dereference passed as argument ... | buster | |
CVE-2020-20451 | Denial of Service issue in FFmpeg 4.2 due to resource management error ... | buster | |
CVE-2020-20898 | Integer Overflow vulnerability in function filter16_prewitt in libavfi ... | buster | |
CVE-2020-22038 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | bullseye, buster | |
CVE-2020-22039 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster, stretch | |
CVE-2020-22040 | A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memor ... | buster, stretch | |
CVE-2020-22041 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2020-22042 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster, stretch | |
CVE-2020-22043 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster, stretch | |
CVE-2020-22044 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2020-22046 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2020-22048 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2020-22051 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2020-22056 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
CVE-2021-38090 | Integer Overflow vulnerability in function filter16_roberts in libavfi ... | buster | |
CVE-2021-38091 | Integer Overflow vulnerability in function filter16_sobel in libavfilt ... | buster | |
CVE-2021-38092 | Integer Overflow vulnerability in function filter_prewitt in libavfilt ... | buster | |
CVE-2021-38093 | Integer Overflow vulnerability in function filter_robert in libavfilte ... | buster | |
CVE-2021-38094 | Integer Overflow vulnerability in function filter_sobel in libavfilter ... | buster | |
fig2dev | CVE-2018-16140 | A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3. ... | stretch |
CVE-2019-19746 | make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fau ... | stretch | |
CVE-2020-21678 | A global buffer overflow in the genmp_writefontmacro_latex component i ... | buster, stretch | |
CVE-2020-21680 | A stack-based buffer overflow in the put_arrow() component in genpict2 ... | buster, stretch | |
CVE-2020-21681 | A global buffer overflow in the set_color component in genge.c of fig2 ... | buster, stretch | |
CVE-2020-21682 | A global buffer overflow in the set_fill component in genge.c of fig2d ... | buster, stretch | |
CVE-2020-21683 | A global buffer overflow in the shade_or_tint_name_after_declare_color ... | buster, stretch | |
CVE-2020-21684 | A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ... | buster, stretch | |
firefox | CVE-2004-1639 | Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ... | sid |
CVE-2005-2395 | Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ... | sid | |
CVE-2005-4685 | Firefox and Mozilla can associate a cookie with multiple domains when ... | sid | |
CVE-2019-12383 | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... | sid, bookworm, bullseye, buster, sid, stretch | |
firehol | CVE-2008-4953 | bookworm, bullseye, buster, sid, stretch | |
flask-caching | CVE-2021-33026 | The Flask-Caching extension through 1.10.1 for Flask relies on Pickle ... | bookworm, bullseye, sid |
flex | CVE-2019-6293 | An issue was discovered in the function mark_beginning_as_normal in nf ... | bookworm, bullseye, buster, sid, stretch |
fontforge | CVE-2017-11570 | FontForge 20161012 is vulnerable to a buffer over-read in umodenc (par ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-11573 | FontForge 20161012 is vulnerable to a buffer over-read in ValidatePost ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17521 | uiutil.c in FontForge through 20170731 does not validate strings befor ... | bookworm, bullseye, buster, sid, stretch | |
foomatic-filters | CVE-2011-2923 | foomatic-rip filter, all versions, used insecurely creates temporary f ... | bookworm, bullseye, buster, sid, stretch |
TEMP-0000000-ACBC4C | buffer overflows in init_cups | bookworm, bullseye, buster, sid, stretch | |
freeipa | CVE-2015-5179 | FreeIPA might display user data improperly via vectors involving non-p ... | bookworm, buster, sid |
CVE-2017-12169 | It was found that FreeIPA 4.2.0 and later could disclose password hash ... | bookworm, buster, sid | |
CVE-2019-14826 | A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies ... | bookworm, buster, sid | |
freeradius | CVE-2007-0080 | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-10143 | ** DISPUTED ** It was discovered freeradius up to and including versio ... | bookworm, bullseye, buster, sid, stretch | |
frr | CVE-2020-12831 | ** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Rang ... | bullseye, buster, sid |
ganglia-web | CVE-2015-6816 | ganglia-web before 3.7.1 allows remote attackers to bypass authenticat ... | buster, stretch |
CVE-2019-20378 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-20379 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, buster, sid, stretch | |
gcc-12 | CVE-2022-27943 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in ... | bookworm, sid |
gcc-mingw-w64 | CVE-2016-4973 | Binaries compiled against targets that use the libssp library in GCC f ... | bookworm, bullseye, buster, sid, stretch |
gdal | CVE-2019-17546 | tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0. ... | bookworm, bullseye, buster, sid, stretch |
gdb | CVE-2014-8501 | The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutil ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-9778 | GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length f ... | buster, stretch | |
gdk-pixbuf | CVE-2017-2870 | An exploitable integer overflow vulnerability exists in the tiff_image ... | stretch |
CVE-2017-6311 | gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attack ... | stretch | |
gdnsd | CVE-2019-13952 | The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and ... | stretch |
gedit | CVE-2017-14108 | libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ca ... | bookworm, bullseye, buster, sid, stretch |
geomview | CVE-2017-17530 | common/help.c in Geomview 1.9.5 does not validate strings before launc ... | bookworm, bullseye, buster, sid, stretch |
gettext | CVE-2018-18751 | An issue was discovered in GNU gettext 0.19.8. There is a double free ... | stretch |
ghostscript | CVE-2022-1350 | A vulnerability classified as problematic was found in GhostPCL 9.55.0 ... | bookworm, bullseye, buster, sid, stretch |
giac | CVE-2017-17526 | Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings be ... | bookworm, bullseye, buster, sid |
gif2apng | CVE-2021-45907 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye, buster, stretch |
CVE-2021-45908 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye, buster, stretch | |
gif2png | CVE-2019-17371 | gif2png 2.5.13 has a memory leak in the writefile function. ... | stretch |
gifsicle | CVE-2017-18120 | A double-free bug in the read_gif function in gifread.c in gifsicle 1. ... | stretch |
CVE-2020-19752 | The find_color_or_error function in gifsicle 1.92 contains a NULL poin ... | bullseye, buster, stretch | |
giftrans | CVE-2021-45972 | The giftrans function in giftrans 1.12.2 contains a stack-based buffer ... | bookworm, bullseye, buster, sid, stretch |
gimp | CVE-2007-3126 | Gimp before 2.8.22 allows context-dependent attackers to cause a denia ... | stretch |
CVE-2012-4245 | The scriptfu network server in GIMP 2.6 does not require authenticatio ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-12713 | GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary f ... | bookworm, bullseye, buster, sid, stretch | |
git | CVE-2017-15298 | Git through 2.14.2 mishandles layers of tree objects, which allows rem ... | stretch |
CVE-2018-1000021 | GIT version 2.15.1 and earlier contains a Input Validation Error vulne ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1350 | A remote code execution vulnerability exists when Git for Visual Studi ... | stretch | |
CVE-2019-1351 | A tampering vulnerability exists when Git for Visual Studio improperly ... | stretch | |
CVE-2019-1354 | A remote code execution vulnerability exists when Git for Visual Studi ... | stretch | |
CVE-2022-24975 | The --mirror documentation for Git through 2.35.1 does not mention the ... | bookworm, bullseye, buster, sid, stretch | |
gjots2 | CVE-2017-17535 | lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ... | buster, stretch |
glance | CVE-2013-4354 | The API before 2.1 in OpenStack Image Registry and Delivery Service (G ... | bookworm, bullseye, buster, sid, stretch |
CVE-2015-8234 | The image signature algorithm in OpenStack Glance 11.0.0 allows remote ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-4383 | The glance-manage db in all versions of HPE Helion Openstack Glance al ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-8611 | A vulnerability was found in Openstack Glance. No limits are enforced ... | bookworm, bullseye, buster, sid, stretch | |
glib2.0 | CVE-2012-0039 | ** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function i ... | bookworm, bullseye, buster, sid, stretch |
CVE-2020-35457 | ** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, that ... | buster, stretch | |
glibc | CVE-2010-4756 | The glob implementation in the GNU C Library (aka glibc or libc6) allo ... | bookworm, bullseye, buster, sid, stretch |
CVE-2015-8985 | The pop_fail_stack function in the GNU C Library (aka glibc or libc6) ... | stretch | |
CVE-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6488 | The string component in the GNU C Library (aka glibc or libc6) through ... | stretch | |
CVE-2019-7309 | In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp fun ... | stretch | |
CVE-2019-9192 | ** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010022 | ** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010023 | ** DISPUTED ** GNU Libc current is affected by: Re-mapping current loa ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010024 | ** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010025 | ** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ... | bookworm, bullseye, buster, sid, stretch | |
gnome-font-viewer | CVE-2019-19308 | In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, ... | buster, stretch |
gnome-keyring | CVE-2018-19358 | GNOME Keyring through 3.28.2 allows local users to retrieve login cred ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-20781 | In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's pas ... | stretch | |
gnome-orca | CVE-2013-4245 | Orca has arbitrary code execution due to insecure Python module load ... | stretch |
gnome-shell | CVE-2012-4427 | The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force ... | buster, stretch |
gnome-sushi | CVE-2019-19308 | In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, ... | bookworm, bullseye, buster, sid, stretch |
gnuchess | CVE-2019-15767 | In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_ ... | buster, stretch |
gnumail | CVE-2007-1269 | GNUMail 1.1.2 and earlier does not properly use the --status-fd argume ... | bookworm, bullseye, buster, sid, stretch |
gnupg1 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, buster, sid, stretch |
gnuplot | CVE-2018-19490 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue all ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-19491 | An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allow ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19492 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-25412 | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-25559 | gnuplot 5.5 is affected by double free when executing print_set_output ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-44917 | A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d ... | buster, stretch | |
gnutls28 | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, buster, sid, stretch |
gocr | CVE-2021-33479 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-33480 | An use-after-free vulnerability was discovered in gocr through 0.53-20 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-33481 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, buster, sid, stretch | |
golang-1.11 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | buster |
CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | buster | |
CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | buster | |
golang-1.15 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye |
CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | bullseye | |
CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye | |
golang-1.7 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | stretch |
CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | stretch | |
CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | stretch | |
golang-1.8 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | stretch |
CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | stretch | |
CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | stretch | |
google-perftools | CVE-2018-13420 | ** DISPUTED ** Google gperftools 2.7 has a memory leak in malloc_exten ... | bookworm, bullseye, buster, sid, stretch |
gpac | CVE-2020-22673 | Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows ... | buster, stretch |
CVE-2020-22679 | Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 a ... | buster, stretch | |
CVE-2021-31256 | Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0. ... | buster, stretch | |
CVE-2021-31261 | The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to rea ... | buster, stretch | |
CVE-2021-33361 | Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allo ... | bookworm, bullseye, sid | |
CVE-2021-33363 | Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allo ... | bookworm, bullseye, sid | |
CVE-2021-33364 | Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 ... | bookworm, bullseye, sid | |
CVE-2021-33365 | Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-33366 | Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC ... | bookworm, bullseye, sid | |
gpp | CVE-2018-17076 | GPP through 2.25 will try to use more memory space than is available o ... | buster, stretch |
gpw | CVE-2011-4931 | gpw generates shorter passwords than required ... | bookworm, bullseye, buster, sid, stretch |
graphicsmagick | CVE-2017-13736 | There are lots of memory leaks in the GMCommand function in magick/com ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-18544 | There is a memory leak in the function WriteMSLImage of coders/msl.c i ... | stretch | |
CVE-2019-7397 | In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, seve ... | stretch | |
CVE-2019-16709 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrate ... | stretch | |
graphviz | CVE-2019-11023 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ... | bookworm, bullseye, buster, sid, stretch |
grub | CVE-2008-3896 | Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ... | bookworm, bullseye, buster, sid, stretch |
gsoap | CVE-2021-21783 | A code execution vulnerability exists in the WS-Addressing plugin func ... | bookworm, bullseye, buster, sid, stretch |
gssproxy | CVE-2020-12658 | ** DISPUTED ** gssproxy (aka gss-proxy) before 0.8.3 does not unlock c ... | bookworm, bullseye, buster, sid |
gthumb | CVE-2020-36427 | GNOME gThumb before 3.10.1 allows an application crash via a malformed ... | buster, stretch |
haskell-tls | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, buster, sid, stretch |
hdf5 | CVE-2017-17507 | In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-14031 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14033 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14034 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14035 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14460 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-15671 | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-16438 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-17432 | A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-17433 | A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-17435 | A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-17436 | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-17438 | A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ... | buster, stretch | |
CVE-2018-17439 | An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-8397 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-9151 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-9152 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-10812 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bookworm, bullseye, buster, sid, stretch | |
hex-a-hop | TEMP-0528250-2E3658 | hex-a-hop: buffer overflow in loading save games | bookworm, bullseye, buster, sid, stretch |
hiredis | CVE-2021-32765 | Hiredis is a minimalistic C client library for the Redis database. In ... | bullseye, buster |
htmldoc | CVE-2022-24191 | In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can l ... | bullseye, buster, stretch |
CVE-2022-28085 | A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in ... | bullseye, buster, stretch | |
htslib | CVE-2018-14329 | In HTSlib 1.8, a race condition in cram/cram_io.c might allow local us ... | bookworm, bullseye, buster, sid, stretch |
hugo | CVE-2020-26284 | Hugo is a fast and Flexible Static Site Generator built in Go. Hugo de ... | buster, stretch |
hunspell | CVE-2019-16707 | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommon ... | buster, stretch |
icecast2 | CVE-2005-0837 | IceCast 2.20 allows remote attackers to bypass the XSL parser and obta ... | bookworm, bullseye, buster, sid, stretch |
CVE-2005-0838 | Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ... | bookworm, bullseye, buster, sid, stretch | |
icedtea-web | CVE-2015-5236 | bookworm, bullseye, buster, sid, stretch | |
imagemagick | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | bookworm, bullseye, buster, sid, stretch |
CVE-2008-3134 | Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 al ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-8678 | The IsPixelMonochrome function in MagickCore/pixel-accessor.h in Image ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-6502 | An issue was discovered in ImageMagick 6.9.7. A specially crafted webp ... | stretch | |
CVE-2017-7275 | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allow ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-11531 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11532 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11534 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11536 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11539 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11644 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ... | stretch | |
CVE-2017-11724 | The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9 ... | stretch | |
CVE-2017-11751 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | stretch | |
CVE-2017-11752 | The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 ... | stretch | |
CVE-2017-11754 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-11755 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-12418 | ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM ... | stretch | |
CVE-2017-12427 | The ProcessMSLScript function in coders/msl.c in ImageMagick before 6. ... | stretch | |
CVE-2017-12433 | In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12564 | In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12565 | In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12566 | In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12641 | ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage ... | stretch | |
CVE-2017-12642 | ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in ... | stretch | |
CVE-2017-12644 | ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in ... | stretch | |
CVE-2017-12654 | The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 all ... | stretch | |
CVE-2017-12662 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage i ... | stretch | |
CVE-2017-12663 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage i ... | stretch | |
CVE-2017-12664 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage ... | stretch | |
CVE-2017-12665 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage ... | stretch | |
CVE-2017-12666 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImag ... | stretch | |
CVE-2017-12667 | ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in ... | stretch | |
CVE-2017-12668 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage i ... | stretch | |
CVE-2017-12669 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage ... | stretch | |
CVE-2017-12672 | In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12673 | In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-12675 | In ImageMagick 7.0.6-3, a missing check for multidimensional data was ... | stretch | |
CVE-2017-12676 | In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13058 | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13059 | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13060 | In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13062 | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13131 | In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the f ... | stretch | |
CVE-2017-13146 | In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memor ... | stretch | |
CVE-2017-14137 | ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue whe ... | stretch | |
CVE-2017-14138 | ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage i ... | stretch | |
CVE-2017-14139 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage i ... | stretch | |
CVE-2017-14324 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ... | stretch | |
CVE-2017-14325 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ... | stretch | |
CVE-2017-14326 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ... | stretch | |
CVE-2017-14342 | ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGIm ... | stretch | |
CVE-2017-14343 | ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in ... | stretch | |
CVE-2017-14531 | ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in c ... | stretch | |
CVE-2017-14533 | ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. ... | stretch | |
CVE-2017-14684 | In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in t ... | stretch | |
CVE-2017-15016 | ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability i ... | stretch | |
CVE-2017-15032 | ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage i ... | stretch | |
CVE-2017-15033 | ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in ... | stretch | |
CVE-2017-15217 | ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. ... | stretch | |
CVE-2017-15218 | ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png ... | stretch | |
CVE-2017-17680 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17880 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based ... | stretch | |
CVE-2017-17881 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17882 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17883 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17884 | In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17885 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17886 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17887 | In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-17934 | ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, rela ... | stretch | |
CVE-2017-18008 | In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in ... | stretch | |
CVE-2017-18022 | In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCom ... | stretch | |
CVE-2017-18027 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in t ... | stretch | |
CVE-2017-18028 | In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was foun ... | stretch | |
CVE-2017-18029 | In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in ... | stretch | |
CVE-2017-18251 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerabil ... | stretch | |
CVE-2017-18254 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerabil ... | stretch | |
CVE-2018-5246 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImag ... | stretch | |
CVE-2018-5247 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in ... | stretch | |
CVE-2018-5357 | ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function ... | stretch | |
CVE-2018-5358 | ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes ... | stretch | |
CVE-2018-6405 | In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0 ... | stretch | |
CVE-2018-7470 | An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLo ... | stretch | |
CVE-2018-9135 | In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in ... | stretch | |
CVE-2018-10804 | ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage ... | stretch | |
CVE-2018-10805 | ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage ... | stretch | |
CVE-2018-11655 | In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was fo ... | stretch | |
CVE-2018-11656 | In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was fo ... | stretch | |
CVE-2018-13153 | In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand f ... | stretch | |
CVE-2018-14434 | ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage ... | stretch | |
CVE-2018-14435 | ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ... | stretch | |
CVE-2018-14436 | ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff. ... | stretch | |
CVE-2018-14437 | ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ... | stretch | |
CVE-2018-15607 | In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-16640 | ImageMagick 7.0.8-5 has a memory leak vulnerability in the function Re ... | stretch | |
CVE-2018-16750 | In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfr ... | stretch | |
CVE-2018-17965 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage ... | stretch | |
CVE-2018-17966 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage ... | stretch | |
CVE-2018-17967 | ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage i ... | stretch | |
CVE-2018-18016 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage ... | stretch | |
CVE-2018-18544 | There is a memory leak in the function WriteMSLImage of coders/msl.c i ... | stretch | |
CVE-2019-7175 | In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage ... | stretch | |
CVE-2019-7395 | In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChanne ... | stretch | |
CVE-2019-7396 | In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage ... | stretch | |
CVE-2019-7397 | In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, seve ... | stretch | |
CVE-2019-7398 | In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage ... | stretch | |
CVE-2019-10649 | In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SV ... | stretch | |
CVE-2019-12975 | ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXIm ... | stretch | |
CVE-2019-12976 | ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in ... | stretch | |
CVE-2019-13137 | ImageMagick before 7.0.8-50 has a memory leak vulnerability in the fun ... | stretch | |
CVE-2019-13301 | ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory becau ... | stretch | |
CVE-2019-13309 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ... | stretch | |
CVE-2019-13310 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ... | buster, stretch | |
CVE-2019-13311 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ... | stretch | |
CVE-2019-16708 | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to ... | stretch | |
CVE-2019-16709 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrate ... | buster, stretch | |
CVE-2019-16710 | ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrate ... | stretch | |
CVE-2019-16711 | ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in code ... | stretch | |
CVE-2019-16712 | ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in code ... | stretch | |
CVE-2019-16713 | ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrate ... | stretch | |
CVE-2020-27753 | There are several memory leaks in the MIFF coder in /coders/miff.c due ... | buster, stretch | |
CVE-2020-27755 | in SetImageExtent() of /MagickCore/image.c, an incorrect image depth s ... | buster, stretch | |
CVE-2021-20311 | A flaw was found in ImageMagick in versions before 7.0.11, where a div ... | bookworm, bullseye, buster, sid, stretch | |
TEMP-0869722-31618B | memory leak in quantize | stretch | |
initramfs-tools | CVE-2008-4996 | bookworm, bullseye, buster, sid, stretch | |
ioquake3 | CVE-2019-1010043 | Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: P ... | bookworm, bullseye, buster, sid, stretch |
iotjs | CVE-2020-29657 | In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unh ... | bookworm, bullseye, buster, sid |
ipsec-tools | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | stretch |
iptables | CVE-2012-2663 | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP S ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-11360 | A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allo ... | buster, stretch | |
isakmpd | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | buster, sid, stretch |
italc | CVE-2019-15680 | TightVNC code version 1.3.10 contains null pointer dereference in Hand ... | stretch |
jakarta-el-api | CVE-2021-28170 | In the Jakarta Expression Language implementation 3.0.3 and earlier, a ... | bookworm, bullseye, sid |
jansson | CVE-2020-36325 | ** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due ... | bookworm, bullseye, buster, sid, stretch |
janus | CVE-2021-4124 | janus-gateway is vulnerable to Improper Neutralization of Input During ... | bookworm, sid |
jbigkit | CVE-2017-9937 | In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A cr ... | bookworm, bullseye, buster, sid, stretch |
jhead | CVE-2018-6612 | An integer underflow bug in the process_EXIF function of the exif.c fi ... | stretch |
CVE-2019-19035 | jhead 3.03 is affected by: heap-based buffer over-read. The impact is: ... | buster, stretch | |
CVE-2019-1010301 | jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of s ... | buster, stretch | |
CVE-2019-1010302 | jhead 3.03 is affected by: Incorrect Access Control. The impact is: De ... | buster, stretch | |
CVE-2020-6624 | jhead through 3.04 has a heap-based buffer over-read in process_DQT in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-6625 | jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-26208 | JHEAD is a simple command line tool for displaying and some manipulati ... | buster, stretch | |
CVE-2021-3496 | A heap-based buffer overflow was found in jhead in version 3.06 in Get ... | buster, stretch | |
CVE-2021-28275 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to ... | bullseye, buster, stretch | |
CVE-2021-28277 | A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.0 ... | bullseye, buster, stretch | |
CVE-2021-28278 | A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3. ... | bullseye, buster, stretch | |
jinja2 | CVE-2019-8341 | ** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string ... | bookworm, bullseye, buster, sid, stretch |
jquery | CVE-2007-2379 | The jQuery framework exchanges data using JavaScript Object Notation ( ... | buster, stretch |
CVE-2018-18405 | ** DISPUTED ** jQuery v2.2.2 allows XSS via a crafted onerror attribut ... | buster, stretch | |
jquery-goodies | CVE-2022-23395 | jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead ... | bookworm, bullseye, buster, sid, stretch |
json-glib | TEMP-0772585-D41D8C | bookworm, bullseye, buster, sid, stretch | |
json-smart | CVE-2021-31684 | A vulnerability was discovered in the indexOf function of JSONParserBy ... | bookworm, bullseye, buster, sid, stretch |
jsonpickle | CVE-2020-22083 | ** DISPUTED ** jsonpickle through 1.4.1 allows remote code execution d ... | bookworm, bullseye, buster, sid, stretch |
jython | CVE-2017-17522 | ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ... | bookworm, bullseye, buster, sid, stretch |
kde-baseapps | CVE-2012-4512 | The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 all ... | stretch |
CVE-2012-4513 | khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remot ... | stretch | |
CVE-2012-4514 | rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows ... | stretch | |
CVE-2012-4515 | Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in ... | stretch | |
CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | stretch | |
kde4libs | CVE-2009-1692 | WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iP ... | buster, stretch |
CVE-2009-1718 | WebKit in Apple Safari before 4.0 allows user-assisted remote attacker ... | buster, stretch | |
CVE-2009-1724 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ... | buster, stretch | |
CVE-2009-3015 | QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ... | buster, stretch | |
CVE-2009-3272 | Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ... | buster, stretch | |
TEMP-0560108-565B70 | browser-based css info disclosure | buster, stretch | |
TEMP-0568486-B6FCB6 | browser javascript document.write denial-of-service | buster, stretch | |
kdepim | CVE-2006-7139 | Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, al ... | stretch |
CVE-2007-1265 | KMail 1.9.5 and earlier does not properly use the --status-fd argument ... | stretch | |
keepalived | CVE-2018-19044 | keepalived 2.0.8 didn't check for pathnames with symlinks when writing ... | stretch |
CVE-2018-19045 | keepalived 2.0.8 used mode 0666 when creating new temporary files upon ... | stretch | |
CVE-2018-19046 | keepalived 2.0.8 didn't check for existing plain files when writing da ... | stretch | |
keepass2 | CVE-2019-20184 | KeePass 2.4.1 allows CSV injection in the title field of a CSV export. ... | bullseye, buster, sid, stretch |
kfreebsd-10 | CVE-2011-2393 | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ... | buster, sid, stretch |
CVE-2016-1879 | The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 ... | buster, sid, stretch | |
CVE-2017-1081 | In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3 ... | buster, sid, stretch | |
CVE-2017-1082 | In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the ... | buster, sid, stretch | |
CVE-2017-1083 | In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is ... | buster, sid, stretch | |
CVE-2017-1084 | In FreeBSD before 11.2-RELEASE, multiple issues with the implementatio ... | buster, sid, stretch | |
CVE-2017-1085 | In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ... | buster, sid, stretch | |
CVE-2017-1086 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ... | buster, sid, stretch | |
CVE-2017-1087 | In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE- ... | buster, sid, stretch | |
CVE-2017-1088 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ... | buster, sid, stretch | |
CVE-2017-15037 | In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_s ... | buster, sid, stretch | |
CVE-2018-6916 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELE ... | buster, sid, stretch | |
CVE-2018-6917 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster, sid, stretch | |
CVE-2018-6918 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster, sid, stretch | |
CVE-2018-6919 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster, sid, stretch | |
CVE-2018-6920 | In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE( ... | buster, sid, stretch | |
CVE-2018-6921 | In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to in ... | buster, sid, stretch | |
CVE-2018-6922 | One of the data structures that holds TCP segments in all versions of ... | buster, sid, stretch | |
CVE-2018-6923 | In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip f ... | buster, sid, stretch | |
CVE-2018-6924 | In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4 ... | buster, sid, stretch | |
CVE-2018-6925 | In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE- ... | buster, sid, stretch | |
CVE-2018-17154 | In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELE ... | buster, sid, stretch | |
CVE-2018-17155 | In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE- ... | buster, sid, stretch | |
CVE-2018-17156 | In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to inc ... | buster, sid, stretch | |
CVE-2019-5595 | In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r ... | buster, sid, stretch | |
CVE-2019-5596 | In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE b ... | buster, sid, stretch | |
CVE-2019-5597 | In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEAS ... | buster, sid, stretch | |
CVE-2019-5598 | In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ... | buster, sid, stretch | |
CVE-2019-5601 | In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5602 | In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5603 | In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5605 | In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEAS ... | buster, sid, stretch | |
CVE-2019-5606 | In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5609 | In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5611 | In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5612 | In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEAS ... | buster, sid, stretch | |
CVE-2019-5614 | In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ... | buster, sid, stretch | |
CVE-2019-15874 | In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ... | buster, sid, stretch | |
CVE-2019-15875 | In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ... | buster, sid, stretch | |
CVE-2019-15878 | In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and ... | buster, sid, stretch | |
CVE-2020-7452 | In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEAS ... | buster, sid, stretch | |
CVE-2020-7453 | In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ... | buster, sid, stretch | |
CVE-2020-7456 | In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-ST ... | buster, sid, stretch | |
CVE-2020-7459 | In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-ST ... | buster, sid, stretch | |
CVE-2020-7462 | In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, imprope ... | buster, sid, stretch | |
CVE-2020-7463 | In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12. ... | buster, sid, stretch | |
CVE-2020-7464 | In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12. ... | buster, sid, stretch | |
CVE-2020-7469 | In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12. ... | buster, sid, stretch | |
CVE-2020-25578 | In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ... | buster, sid, stretch | |
CVE-2020-25579 | In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ... | buster, sid, stretch | |
CVE-2020-25581 | In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12. ... | buster, sid, stretch | |
CVE-2020-25582 | In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12. ... | buster, sid, stretch | |
CVE-2021-29626 | In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11. ... | buster, sid, stretch | |
CVE-2021-29632 | In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before ... | buster, sid, stretch | |
kiwi | CVE-2017-17532 | examples/framework/news/news3.py in Kiwi 1.9.22 does not validate stri ... | bookworm, buster, sid, stretch |
kopano-webapp-plugin-files | CVE-2019-16774 | In phpfastcache before 5.1.3, there is a possible object injection vul ... | buster |
krb5 | CVE-2004-0971 | The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Sec ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-15088 | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka ... | stretch | |
CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ... | bookworm, bullseye, buster, sid, stretch | |
lbreakout2 | TEMP-0608980-E8B8DF | Crash with long HOME environment variable | bookworm, bullseye, buster, sid, stretch |
leocad | CVE-2021-31804 | LeoCAD before 21.03 sometimes allows a use-after-free during the openi ... | bookworm, bullseye, buster, sid, stretch |
leptonlib | CVE-2018-7247 | An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Lepto ... | stretch |
CVE-2018-7441 | Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might al ... | stretch | |
libao | CVE-2017-11548 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 a ... | bookworm, bullseye, buster, sid, stretch |
libapache-poi-java | CVE-2016-5000 | The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-12415 | In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ... | bookworm, bullseye, buster, sid, stretch | |
libcaca | CVE-2022-0856 | libcaca is affected by a Divide By Zero issue via img2txt, which allow ... | bookworm, bullseye, buster, sid, stretch |
libcommons-collections4-java | CVE-2015-7501 | Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data G ... | bookworm, bullseye, buster, sid, stretch |
libcommons-fileupload-java | CVE-2016-1000031 | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ... | bookworm, bullseye, buster, sid, stretch |
libcrypto++ | CVE-2016-7420 | Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-43398 | ** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a ti ... | bookworm, bullseye, buster, sid, stretch | |
libdata-uuid-perl | CVE-2013-4184 | Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink a ... | bookworm, bullseye, buster, sid, stretch |
libdata-validate-ip-perl | CVE-2021-29662 | The Data::Validate::IP module through 0.29 for Perl does not properly ... | buster, stretch |
libesmtp | CVE-2019-19977 | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buf ... | bookworm, bullseye, buster, sid, stretch |
libfsntfs | CVE-2018-11727 | ** DISPUTED ** The libfsntfs_attribute_read_from_mft function in libfs ... | stretch |
CVE-2018-11728 | ** DISPUTED ** The libfsntfs_reparse_point_values_read_data function i ... | stretch | |
CVE-2018-11729 | ** DISPUTED ** The libfsntfs_mft_entry_read_header function in libfsnt ... | stretch | |
CVE-2018-11730 | ** DISPUTED ** The libfsntfs_security_descriptor_values_free function ... | stretch | |
CVE-2018-11731 | ** DISPUTED ** The libfsntfs_mft_entry_read_attributes function in lib ... | stretch | |
libfwsi | CVE-2019-17263 | ** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_bl ... | bookworm, bullseye, buster, sid, stretch |
libgadu | CVE-2013-4488 | libgadu before 1.12.0 does not verify X.509 certificates from SSL serv ... | bookworm, bullseye, buster, sid, stretch |
libgcrypt20 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, buster, sid, stretch |
libgig | CVE-2018-14449 | An issue was discovered in libgig 4.1.0. There is an out of bounds rea ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-14450 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14451 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14452 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14453 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14454 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14455 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14456 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14457 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14458 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-14459 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18192 | An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18193 | An issue was discovered in libgig 4.1.0. There is operator new[] failu ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18194 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18195 | An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18196 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18197 | An issue was discovered in libgig 4.1.0. There is an operator new[] fa ... | bookworm, bullseye, buster, sid, stretch | |
libgnumail-java | CVE-2005-1105 | Directory traversal vulnerability in the MimeBodyPart.getFileName meth ... | stretch |
libjpeg-turbo | CVE-2017-15232 | libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ... | buster, stretch |
CVE-2018-11813 | libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles ... | buster, stretch | |
CVE-2020-17541 | Libjpeg-turbo all version have a stack-based buffer overflow in the "t ... | buster, stretch | |
libjpeg6b | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial ... | sid |
libjs-handlebars | TEMP-0000000-345A3B | handlebars: quoteless attributes in templates can lead to content injection | stretch |
libjs-i18next | CVE-2017-16010 | i18next is a language translation framework. When using the .init meth ... | buster, stretch |
liblivemedia | CVE-2019-7732 | In Live555 0.95, a setup packet can cause a memory leak leading to DoS ... | buster, stretch |
liblnk | CVE-2018-12096 | ** DISPUTED ** The liblnk_data_string_get_utf8_string_size function in ... | stretch |
CVE-2018-12097 | ** DISPUTED ** The liblnk_location_information_read_data function in l ... | stretch | |
CVE-2018-12098 | ** DISPUTED ** The liblnk_data_block_read function in liblnk_data_bloc ... | stretch | |
CVE-2019-17263 | ** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_bl ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-17264 | ** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_infor ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-17401 | ** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-rea ... | bookworm, bullseye, buster, sid, stretch | |
libmspack | CVE-2018-18586 | ** DISPUTED ** chmextract.c in the chmextract sample program, as distr ... | stretch |
libokhttp-java | CVE-2018-20200 | ** DISPUTED ** CertificatePinner.java in OkHttp 3.x through 3.12.0 all ... | bookworm, bullseye, buster, sid |
libopenmpt | CVE-2019-14382 | DSM in libopenmpt before 0.4.2 allows an assertion failure during file ... | stretch |
CVE-2019-14383 | J2B in libopenmpt before 0.4.2 allows an assertion failure during file ... | stretch | |
libphp-adodb | CVE-2006-4976 | The Date Library in John Lim ADOdb Library for PHP allows remote attac ... | bookworm, bullseye, buster, sid, stretch |
CVE-2011-3699 | John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ... | bookworm, bullseye, buster, sid, stretch | |
libphp-phpmailer | CVE-2017-11503 | PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Add ... | stretch |
libpng1.6 | CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function ... | buster, stretch |
CVE-2018-14550 | An issue has been found in third-party PNM decoding associated with li ... | buster, stretch | |
CVE-2019-6129 | ** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-4214 | bookworm, bullseye, buster, sid, stretch | ||
libpodofo | CVE-2018-20797 | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ... | bookworm, bullseye, buster, sid, stretch |
libqb | CVE-2019-12779 | libqb before 1.0.5 allows local users to overwrite arbitrary files via ... | stretch |
libquicktime | CVE-2017-12143 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-12145 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, buster, sid, stretch | |
libraw | CVE-2020-24890 | ** DISPUTED ** libraw 20.0 has a null pointer dereference vulnerabilit ... | bookworm, bullseye, buster, sid, stretch |
libreoffice | CVE-2012-5639 | LibreOffice and OpenOffice automatically open embedded content ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-10583 | An information disclosure vulnerability occurs when LibreOffice 6.0.3 ... | bookworm, bullseye, buster, sid, stretch | |
libreswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, buster, sid |
libsass | CVE-2019-18797 | LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ... | bookworm, bullseye, buster, sid, stretch |
libseccomp | CVE-2019-9893 | libseccomp before 2.4.0 did not correctly generate 64-bit syscall argu ... | buster, stretch |
libsixel | CVE-2019-11024 | The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ... | buster, stretch |
libslf4j-java | CVE-2018-8088 | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before ... | stretch |
libslirp | CVE-2020-7211 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ ... | bookworm, bullseye, sid |
libsndfile | CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile ... | stretch |
CVE-2018-19432 | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer ... | stretch | |
libsolv | CVE-2018-20534 | ** DISPUTED ** There is an illegal address access at ext/testcase.c in ... | buster, stretch |
CVE-2021-3200 | Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * t ... | buster, stretch | |
CVE-2021-44568 | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv th ... | buster, stretch | |
CVE-2021-44569 | A heap-buffer openSUSE libsolv through 13 Dec 2020 exists in the solve ... | buster, stretch | |
CVE-2021-44570 | Two heap-overflow vulnerabilities exists in openSUSE/libsolv through 1 ... | buster, stretch | |
CVE-2021-44571 | A heap overflow vulnerability exisfts in openSUSE libsolv through 13 D ... | buster, stretch | |
CVE-2021-44573 | Two heap overflow vulnerabilities exist in oenSUSE libsolv through 13 ... | buster, stretch | |
CVE-2021-44574 | A heap-overflow vulnerability exists in openSUSE libsolv through 13 De ... | buster, stretch | |
CVE-2021-44575 | Two heap-overflow vulnerabilities exists in openSUSE libsolv through 1 ... | buster, stretch | |
CVE-2021-44576 | Two memory vulnerabilities exists in openSUSE libsolv through 13 Dec 2 ... | buster, stretch | |
CVE-2021-44577 | Two heap-overflow vulnerabilities exist in openSUSE libsolv through 13 ... | buster, stretch | |
libspiro | CVE-2019-19847 | Libspiro through 20190731 has a stack-based buffer overflow in the spi ... | buster, stretch |
libstb | CVE-2020-6617 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ... | bookworm, bullseye, buster, sid |
CVE-2020-6618 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... | bookworm, bullseye, buster, sid | |
CVE-2020-6619 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf ... | bookworm, bullseye, buster, sid | |
CVE-2020-6620 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... | bookworm, bullseye, buster, sid | |
CVE-2020-6621 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in t ... | bookworm, bullseye, buster, sid | |
CVE-2020-6622 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... | bookworm, bullseye, buster, sid | |
CVE-2020-6623 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ... | bookworm, bullseye, buster, sid | |
CVE-2022-25514 | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... | bookworm, bullseye, buster, sid | |
CVE-2022-25515 | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... | bookworm, bullseye, buster, sid | |
CVE-2022-25516 | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... | bookworm, bullseye, buster, sid | |
CVE-2022-27938 | stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ... | bookworm, bullseye, buster, sid | |
CVE-2022-28048 | STB v2.27 was discovered to contain an integer shift of invalid size i ... | bookworm, bullseye, buster, sid | |
libtasn1-6 | CVE-2018-1000654 | GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 c ... | buster, stretch |
libuv1 | CVE-2020-8252 | The implementation of realpath in libuv < 10.22.1, < 12.18.4, an ... | buster |
libv8-3.14 | CVE-2013-2632 | Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, ... | stretch |
CVE-2013-2838 | Google V8, as used in Google Chrome before 27.0.1453.93, allows remote ... | stretch | |
CVE-2013-2882 | Google V8, as used in Google Chrome before 28.0.1500.95, allows remote ... | stretch | |
CVE-2013-2919 | Google V8, as used in Google Chrome before 30.0.1599.66, allows remote ... | stretch | |
CVE-2013-6638 | Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, ... | stretch | |
CVE-2013-6649 | Use-after-free vulnerability in the RenderSVGImage::paint function in ... | stretch | |
CVE-2013-6650 | The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Goo ... | stretch | |
CVE-2013-6668 | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, a ... | stretch | |
CVE-2014-1704 | Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, a ... | stretch | |
CVE-2014-1705 | Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and L ... | stretch | |
CVE-2014-1716 | Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype f ... | stretch | |
CVE-2014-1717 | Google V8, as used in Google Chrome before 34.0.1847.116, does not pro ... | stretch | |
CVE-2014-1729 | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, a ... | stretch | |
CVE-2014-1730 | Google V8, as used in Google Chrome before 34.0.1847.131 on Windows an ... | stretch | |
CVE-2014-1735 | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, a ... | stretch | |
CVE-2014-1736 | Integer overflow in api.cc in Google V8, as used in Google Chrome befo ... | stretch | |
CVE-2014-3152 | Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm ... | stretch | |
CVE-2014-3188 | Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 ... | stretch | |
CVE-2014-3195 | Google V8, as used in Google Chrome before 38.0.2125.101, does not pro ... | stretch | |
CVE-2014-3199 | The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the ... | stretch | |
CVE-2014-7192 | Eval injection vulnerability in index.js in the syntax-error package b ... | stretch | |
CVE-2014-7927 | The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-l ... | stretch | |
CVE-2014-7928 | hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, d ... | stretch | |
CVE-2014-7931 | factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, ... | stretch | |
CVE-2014-7939 | Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 ... | stretch | |
CVE-2014-7967 | Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, a ... | stretch | |
CVE-2015-1230 | The getHiddenProperty function in bindings/core/v8/V8EventListenerList ... | stretch | |
CVE-2015-1290 | The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and ... | stretch | |
CVE-2015-1304 | object-observe.js in Google V8, as used in Google Chrome before 45.0.2 ... | stretch | |
CVE-2015-1346 | Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, a ... | stretch | |
CVE-2015-2238 | Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as ... | stretch | |
CVE-2015-3333 | Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as ... | stretch | |
CVE-2015-3336 | Google Chrome before 42.0.2311.90 does not always ask the user before ... | stretch | |
CVE-2015-6764 | The BasicJsonStringifier::SerializeJSArray function in json-stringifie ... | stretch | |
CVE-2015-6771 | js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73 ... | stretch | |
CVE-2015-6774 | Use-after-free vulnerability in the GetLoadTimes function in renderer/ ... | stretch | |
libvncserver | CVE-2019-15680 | TightVNC code version 1.3.10 contains null pointer dereference in Hand ... | bookworm, bullseye, buster, sid, stretch |
libvpx | CVE-2017-0641 | A remote denial of service vulnerability in libvpx in Mediaserver coul ... | bookworm, bullseye, buster, sid, stretch |
libvterm | CVE-2018-20786 | libvterm through 0+bzr726, as used in Vim and other products, mishandl ... | bookworm, bullseye, buster, sid, stretch |
libwebp | CVE-2016-9085 | Multiple integer overflows in libwebp allows attackers to have unspeci ... | bookworm, bullseye, buster, sid, stretch |
libwmf | CVE-2007-3476 | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) be ... | bookworm, bullseye, buster, sid, stretch |
CVE-2007-3477 | The (a) imagearc and (b) imagefilledarc functions in GD Graphics Libra ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-3996 | Multiple integer overflows in libgd in PHP before 5.2.4 allow remote a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3546 | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ... | bookworm, bullseye, buster, sid, stretch | |
TEMP-0601525-BEBB65 | libgd2: gdImageColorTransparent can write outside buffer | bookworm, bullseye, buster, sid, stretch | |
libxerces2-java | CVE-2012-0881 | Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ca ... | bookworm, bullseye, buster, sid, stretch |
libxfont1 | CVE-2017-13720 | In the PatternMatch function in fontfile/fontdir.c in libXfont through ... | stretch |
CVE-2017-13722 | In the pcfGetProperties function in bitmap/pcfread.c in libXfont throu ... | stretch | |
CVE-2017-16611 | In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ... | stretch | |
libxslt | CVE-2015-9019 | In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ... | bookworm, bullseye, buster, sid, stretch |
lilo | CVE-2008-3895 | LILO 22.6.1 and earlier stores pre-boot authentication passwords in th ... | buster, sid, stretch |
links2 | CVE-2017-11114 | The put_chars function in html_r.c in Twibright Links 2.14 allows remo ... | stretch |
linux | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attack ... | bookworm, bullseye, buster, sid, stretch |
CVE-2005-3660 | Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-3719 | The process scheduler in the Linux kernel 2.6.16 gives preference to " ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-2544 | Mounting /proc filesystem via chroot command silently mounts it in rea ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2010-4563 | The Linux kernel, when using IPv6, allows remote attackers to determin ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2010-5321 | Memory leak in drivers/media/video/videobuf-core.c in the videobuf sub ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2011-4915 | fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2011-4917 | In the Linux kernel through 3.1 there is an information disclosure iss ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2012-4542 | block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly c ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2014-9892 | The snd_compr_tstamp function in sound/core/compress_offload.c in the ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2014-9900 | The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2015-2877 | ** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.3 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-8660 | The XFS subsystem in the Linux kernel through 4.8.2 allows local users ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-10723 | ** DISPUTED ** An issue was discovered in the Linux kernel through 4.1 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-0630 | An information disclosure vulnerability in the kernel trace subsystem ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-9986 | The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel thr ... | stretch | |
CVE-2017-11472 | The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in t ... | stretch | |
CVE-2017-12762 | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied in ... | stretch | |
CVE-2017-13693 | The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-13694 | The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-13695 | The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the ... | stretch | |
CVE-2018-1121 | procps-ng, procps is vulnerable to a process hiding through race condi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8043 | The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in ... | stretch | |
CVE-2018-17977 | The Linux kernel 4.14.67 mishandles certain interaction among XFRM Net ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-20669 | An issue where a provided address with access_ok() is not checked was ... | stretch | |
CVE-2019-11191 | ** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12378 | ** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12379 | ** DISPUTED ** An issue was discovered in con_insert_unipair in driver ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12380 | **DISPUTED** An issue was discovered in the efi subsystem in the Linux ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12381 | ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12382 | ** DISPUTED ** An issue was discovered in drm_load_edid_firmware in dr ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12455 | ** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in driv ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12456 | ** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12615 | An issue was discovered in get_vdev_port_node_info in arch/sparc/kerne ... | buster, stretch | |
CVE-2019-16229 | ** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16230 | ** DISPUTED ** drivers/gpu/drm/radeon/radeon_display.c in the Linux ke ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16231 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16232 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16233 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not chec ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16234 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-18808 | A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ ... | stretch | |
CVE-2019-19046 | ** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in ... | stretch | |
CVE-2019-19054 | A memory leak in the cx23888_ir_probe() function in drivers/media/pci/ ... | stretch | |
CVE-2019-19060 | A memory leak in the adis_update_scan_mode() function in drivers/iio/i ... | stretch | |
CVE-2019-19061 | A memory leak in the adis_update_scan_mode_burst() function in drivers ... | stretch | |
CVE-2019-19064 | ** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in driv ... | buster, stretch | |
CVE-2019-19067 | ** DISPUTED ** Four memory leaks in the acp_hw_init() function in driv ... | stretch | |
CVE-2019-19070 | ** DISPUTED ** A memory leak in the spi_gpio_probe() function in drive ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-19075 | A memory leak in the ca8210_probe() function in drivers/net/ieee802154 ... | stretch | |
CVE-2019-19083 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm ... | buster | |
CVE-2020-11725 | ** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux k ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-27820 | A vulnerability was found in Linux kernel, where a use-after-frees in ... | buster, stretch | |
CVE-2020-35501 | A flaw was found in the Linux kernels implementation of audit rules, w ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-0929 | In ion_dma_buf_end_cpu_access and related functions of ion.c, there is ... | buster, stretch | |
CVE-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... | bookworm, bullseye, buster, sid | |
CVE-2021-32078 | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/perso ... | bullseye, buster, stretch | |
CVE-2022-1516 | A NULL pointer dereference flaw was found in the Linux kernel’s ... | buster, stretch | |
CVE-2022-1734 | bookworm, bullseye, buster, sid, stretch | ||
CVE-2022-25265 | In the Linux kernel through 5.16.10, certain binary files may have the ... | bookworm, bullseye, buster, sid, stretch | |
TEMP-0000000-F7A20F | Kernel: Unprivileged user can freeze journald | bookworm, bullseye, buster, sid, stretch | |
lldpad | CVE-2018-10932 | lldptool version 1.0.1 and older can print a raw, unsanitized attacker ... | stretch |
loguru | CVE-2022-0338 | Improper Privilege Management in Conda loguru prior to 0.5.3. ... | bookworm, sid |
lrzip | CVE-2019-10654 | The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-27345 | A null pointer dereference was discovered in ucompthread in stream.c i ... | buster | |
CVE-2021-27347 | Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ... | buster | |
lua-cgi | CVE-2014-2875 | The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses wea ... | bookworm, bullseye, buster, sid, stretch |
luajit | CVE-2019-19391 | ** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ... | bookworm, bullseye, buster, stretch |
CVE-2020-15890 | LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ... | bookworm, bullseye, buster | |
CVE-2020-24372 | LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ... | bookworm, bullseye, buster, sid, stretch | |
lucene-solr | CVE-2017-3164 | Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | bookworm, bullseye, buster, sid, stretch | |
lxc | CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other produ ... | stretch |
lynis | CVE-2017-8108 | Unspecified tests in Lynis before 2.5.0 allow local users to write to ... | stretch |
CVE-2019-13033 | In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by ... | buster, stretch | |
CVE-2020-13882 | CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TO ... | buster, stretch | |
m2crypto | CVE-2009-0127 | ** DISPUTED ** M2Crypto does not properly check the return value from ... | bookworm, bullseye, buster, sid, stretch |
m4 | CVE-2008-1687 | The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1. ... | bookworm, bullseye, buster, sid, stretch |
CVE-2008-1688 | Unspecified vulnerability in GNU m4 before 1.4.11 might allow context- ... | bookworm, bullseye, buster, sid, stretch | |
magpierss | CVE-2006-4735 | Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sens ... | buster, stretch |
maildirsync | CVE-2008-5150 | sample.sh in maildirsync 1.1 allows local users to append data to arbi ... | bookworm, bullseye, buster, sid, stretch |
mailutils | CVE-2019-18862 | maidag in GNU Mailutils before 3.8 is installed setuid and allows loca ... | stretch |
matanza | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, stretch |
CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, stretch | |
mbedtls | CVE-2018-1000520 | ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ... | bookworm, bullseye, buster, sid, stretch |
mcollective | CVE-2014-0175 | mcollective has a default password set at install ... | bookworm, bullseye, buster, sid |
mediaelement | CVE-2016-4567 | Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ... | bookworm, bullseye, buster, sid, stretch |
mediawiki | CVE-2007-0894 | MediaWiki before 1.9.2 allows remote attackers to obtain sensitive inf ... | bookworm, bullseye, buster, sid, stretch |
CVE-2014-1686 | MediaWiki 1.18.0 allows remote attackers to obtain the installation pa ... | bookworm, bullseye, buster, sid, stretch | |
mercurial | CVE-2018-17983 | cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read du ... | stretch |
metview | CVE-2017-17515 | ** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate strin ... | bookworm, bullseye, buster, sid, stretch |
mgetty | CVE-2018-16742 | An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a ... | stretch |
CVE-2018-16743 | An issue was discovered in mgetty before 1.2.1. In contrib/next-login/ ... | stretch | |
mh-book | CVE-2008-5152 | inmail-show in mh-book 200605 allows local users to overwrite arbitrar ... | bookworm, bullseye, buster, sid, stretch |
midori | CVE-2012-2132 | libsoup 2.32.2 and earlier does not validate certificates or clear the ... | bullseye, buster, stretch |
CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bullseye, buster, stretch | |
mingw-w64 | CVE-2018-5392 | mingw-w64 version 5.0.4 by default produces executables that opt in to ... | bookworm, bullseye, buster, sid, stretch |
mini-httpd | CVE-2009-4490 | mini_httpd 1.19 writes data to a log file without sanitizing non-print ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-17663 | The htpasswd implementation of mini_httpd before v1.28 and of thttpd b ... | bookworm, bullseye, buster, sid, stretch | |
minidjvu | CVE-2017-12441 | The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ca ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-12442 | The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ca ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-12443 | The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 c ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-12444 | The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidj ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-12445 | The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cp ... | bookworm, bullseye, buster, sid, stretch | |
miniupnpc | CVE-2017-1000494 | Uninitialized stack variable vulnerability in NameValueParserEndElt (u ... | stretch |
modsecurity-crs | CVE-2019-11387 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | buster, stretch |
CVE-2019-11388 | ** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11389 | ** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11390 | ** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11391 | ** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule ... | bookworm, bullseye, buster, sid, stretch | |
moin | CVE-2007-0902 | Unspecified vulnerability in the "Show debugging information" feature ... | buster, stretch |
mojarra | CVE-2010-2087 | Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ... | bookworm, bullseye, buster, sid, stretch |
mongodb | CVE-2015-2327 | PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern ... | stretch |
CVE-2015-2328 | PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related ... | stretch | |
mono-reference-assemblies | CVE-2018-1002208 | SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allow ... | stretch |
monopd | CVE-2015-0841 | Off-by-one error in the readBuf function in listener.cpp in libcapsine ... | bookworm, bullseye, buster, sid, stretch |
mozilla-noscript | CVE-2018-16983 | NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ... | buster, sid |
mp3splt | CVE-2017-5665 | The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allo ... | bookworm, bullseye, buster, sid |
CVE-2017-5666 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, buster, sid | |
CVE-2017-5851 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, buster, sid | |
mpg123 | CVE-2017-11126 | The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25 ... | stretch |
mupdf | CVE-2018-19777 | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg ... | buster, stretch |
mustache.js | CVE-2015-8861 | The handlebars package before 4.0.0 for Node.js allows remote attacker ... | bookworm, bullseye, buster, sid, stretch |
CVE-2015-8862 | mustache package before 2.2.1 for Node.js allows remote attackers to c ... | bookworm, bullseye, buster, sid, stretch | |
TEMP-0000000-137F0A | quoteless attributes in templates can lead to content injection | bookworm, bullseye, buster, sid, stretch | |
mutt | CVE-2007-1268 | Mutt 1.5.13 and earlier does not properly use the --status-fd argument ... | bookworm, bullseye, buster, sid, stretch |
CVE-2020-14154 | Mutt before 1.14.3 proceeds with a connection even if, in response to ... | stretch | |
mxml | CVE-2018-20005 | An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ... | bookworm, bullseye, buster, sid, stretch |
nacl | CVE-2015-0565 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks ... | bookworm, bullseye, buster, sid, stretch |
nagios4 | CVE-2020-35269 | Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ... | bookworm, bullseye, buster, sid |
nasm | CVE-2017-14228 | In Netwide Assembler (NASM) 2.14rc0, there is an illegal address acces ... | stretch |
CVE-2018-10316 | Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the asse ... | stretch | |
CVE-2018-16382 | Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regfla ... | stretch | |
CVE-2018-16517 | asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dere ... | stretch | |
CVE-2018-16999 | Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segment ... | stretch | |
CVE-2018-19209 | Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in th ... | stretch | |
CVE-2018-19213 | Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19214 | Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in ... | stretch | |
CVE-2018-19215 | Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in ... | stretch | |
CVE-2018-19755 | There is an illegal address access at asm/preproc.c (function: is_mmac ... | buster, stretch | |
CVE-2018-20535 | There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ... | buster, stretch | |
CVE-2018-20538 | There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-1000667 | NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains ... | stretch | |
CVE-2018-1000886 | nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6290 | An infinite recursion issue was discovered in eval.c in Netwide Assemb ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6291 | An issue was discovered in the function expr6 in eval.c in Netwide Ass ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-8343 | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-14248 | In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows ... | buster, stretch | |
CVE-2019-20334 | In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-20352 | In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occ ... | buster, stretch | |
CVE-2020-18974 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-24241 | In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in ... | buster, stretch | |
CVE-2020-24242 | In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ... | buster, stretch | |
CVE-2021-45256 | A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45257 | An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_t ... | bookworm, bullseye, buster, sid, stretch | |
ncurses | CVE-2021-39537 | An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in ca ... | bookworm, bullseye, buster, sid, stretch |
neomutt | CVE-2020-14154 | Mutt before 1.14.3 proceeds with a connection even if, in response to ... | buster |
net-tools | CVE-2002-1976 | ifconfig, when used on the Linux kernel 2.2 and later, does not report ... | bookworm, bullseye, buster, sid, stretch |
netbeans | CVE-2019-17560 | The "Apache NetBeans" autoupdate system does not validate SSL certific ... | stretch |
CVE-2019-17561 | The "Apache NetBeans" autoupdate system does not fully validate code s ... | stretch | |
netdata | CVE-2019-9834 | ** DISPUTED ** The Netdata web application through 1.13.0 allows remot ... | bookworm, bullseye, buster, sid |
nethack | CVE-2019-19905 | NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ... | buster, stretch |
CVE-2020-5209 | In NetHack before 3.6.5, unknown options starting with -de and -i can ... | buster, stretch | |
CVE-2020-5210 | In NetHack before 3.6.5, an invalid argument to the -w command line op ... | buster, stretch | |
CVE-2020-5211 | In NetHack before 3.6.5, an invalid extended command in value for the ... | buster, stretch | |
CVE-2020-5212 | In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ... | buster, stretch | |
CVE-2020-5213 | In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ... | buster, stretch | |
CVE-2020-5214 | In NetHack before 3.6.5, detecting an unknown configuration file optio ... | buster, stretch | |
netmask | TEMP-0921565-C5FF8E | netmask: buffer overflow vulnerability | stretch |
netty | CVE-2022-24823 | Netty is an open-source, asynchronous event-driven network application ... | bookworm, bullseye, buster, sid, stretch |
network-manager | CVE-2020-10754 | It was found that nmcli, a command line interface to NetworkManager di ... | buster, stretch |
network-manager-applet | CVE-2017-6590 | An issue was discovered in network-manager-applet (aka network-manager ... | bookworm, bullseye, buster, sid, stretch |
neutron | CVE-2021-40797 | An issue was discovered in the routes middleware in OpenStack Neutron ... | stretch |
nghttp2 | TEMP-0000000-A4EF31 | Null pointer access in inflatehd tool | bookworm, bullseye, buster, sid, stretch |
nginx | CVE-2009-4487 | nginx 0.7.64 writes data to a log file without sanitizing non-printabl ... | bookworm, bullseye, buster, sid, stretch |
nip2 | CVE-2017-17514 | ** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before ... | bookworm, bullseye, buster, sid, stretch |
nmap | CVE-2017-18594 | nse_libssh2.cc in Nmap 7.70 is subject to a denial of service conditio ... | buster, stretch |
CVE-2018-15173 | Nmap through 7.70, when the -sV option is used, allows remote attacker ... | bookworm, bullseye, buster, sid, stretch | |
node-cookie-signature | CVE-2016-1000236 | Node-cookie-signature before 1.0.6 is affected by a timing attack due ... | stretch |
node-debug | CVE-2017-16137 | The debug module is vulnerable to regular expression denial of service ... | stretch |
node-deep-extend | CVE-2018-3750 | The utilities function in all versions <= 0.5.0 of the deep-extend ... | stretch |
node-express | CVE-2014-6393 | The Express web framework before 3.11 and 4.x before 4.5 for Node.js d ... | stretch |
node-extend | CVE-2018-16491 | A prototype pollution vulnerability was found in node.extend <1.1.7 ... | stretch |
CVE-2018-16492 | A prototype pollution vulnerability was found in module extend <2.0 ... | stretch | |
node-lodash | CVE-2018-3721 | lodash node module before 4.17.5 suffers from a Modification of Assume ... | stretch |
CVE-2018-16487 | A prototype pollution vulnerability was found in lodash <4.17.11 wh ... | stretch | |
CVE-2019-1010266 | lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource ... | stretch | |
node-marked | CVE-2017-16114 | The marked module is vulnerable to a regular expression denial of serv ... | stretch |
CVE-2017-1000427 | marked version 0.3.6 and earlier is vulnerable to an XSS attack in the ... | stretch | |
node-mime | CVE-2017-16138 | The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expr ... | stretch |
node-moment | CVE-2017-18214 | The moment module before 2.19.3 for Node.js is prone to a regular expr ... | stretch |
node-negotiator | CVE-2016-10539 | negotiator is an HTTP content negotiator for Node.js and is used by ma ... | stretch |
node-send | CVE-2015-8859 | The send package before 0.11.1 for Node.js allows attackers to obtain ... | stretch |
TEMP-0000000-FD1F92 | root path disclosure | stretch | |
node-serve-index | CVE-2015-8856 | Cross-site scripting (XSS) vulnerability in the serve-index package be ... | stretch |
node-uuid | CVE-2015-8851 | node-uuid before 1.4.4 uses insufficiently random data to create a GUI ... | stretch |
nodejs | CVE-2017-11499 | Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11. ... | stretch |
CVE-2018-7158 | The `'path'` module in the Node.js 4.x release line contains a potenti ... | stretch | |
CVE-2018-7159 | The HTTP parser in all current versions of Node.js ignores spaces in t ... | stretch | |
CVE-2018-7167 | Calling Buffer.fill() or Buffer.alloc() with some parameters can lead ... | stretch | |
CVE-2018-12115 | In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when use ... | stretch | |
CVE-2018-12116 | Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request ... | stretch | |
CVE-2018-12120 | Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 list ... | stretch | |
CVE-2018-12121 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ... | stretch | |
CVE-2018-12122 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ... | stretch | |
CVE-2018-12123 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11. ... | stretch | |
CVE-2019-5737 | In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before ... | stretch | |
CVE-2019-5739 | Keep-alive HTTP and HTTPS connections can remain open and inactive for ... | stretch | |
nova | CVE-2013-0326 | OpenStack nova base images permissions are world readable ... | bookworm, bullseye, buster, sid, stretch |
nss | CVE-2017-11695 | Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/h ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-11696 | Heap-based buffer overflow in the __hash_open function in lib/dbm/src/ ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-11697 | The __hash_open function in hash.c:229 in Mozilla Network Security Ser ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-11698 | Heap-based buffer overflow in the __get_page function in lib/dbm/src/h ... | bookworm, bullseye, buster, sid, stretch | |
ntp | CVE-2018-12327 | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ... | bullseye, buster, stretch |
numpy | CVE-2021-41495 | ** DISPUTED ** Null Pointer Dereference vulnerability exists in numpy. ... | bookworm, bullseye, sid |
CVE-2021-41496 | ** DISPUTED ** Buffer overflow in the array_from_pyobj function of for ... | bookworm, bullseye, sid | |
nvidia-cg-toolkit | CVE-2008-5144 | nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ... | bookworm, bullseye, buster, sid, stretch |
ocaml-batteries | CVE-2017-17519 | batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ... | bookworm, bullseye, buster, sid, stretch |
ocsinventory-server | CVE-2010-1733 | Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02 ... | bookworm, bullseye, buster, sid |
CVE-2014-4722 | Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ... | bookworm, bullseye, buster, sid | |
CVE-2018-14857 | Unrestricted file upload (with remote code execution) in require/mail/ ... | bookworm, bullseye, buster, sid | |
CVE-2018-15537 | Unrestricted file upload (with remote code execution) in OCS Inventory ... | bookworm, bullseye, buster, sid | |
CVE-2020-14947 | OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ... | bookworm, bullseye, buster, sid | |
openconnect | CVE-2020-12105 | OpenConnect through 8.08 mishandles negative return values from X509_c ... | bookworm, bullseye, buster, sid, stretch |
CVE-2020-12823 | OpenConnect 8.09 has a buffer overflow, causing a denial of service (a ... | buster, stretch | |
opendkim | CVE-2020-35766 | The test suite in libopendkim in OpenDKIM through 2.10.3 allows local ... | bookworm, bullseye, buster, sid, stretch |
openexr | CVE-2017-14988 | ** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2 ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-18443 | OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/Ilm ... | buster, stretch | |
CVE-2021-20304 | Undefined-shift in Imf_2_5::hufDecode | buster, stretch | |
CVE-2021-26945 | An integer overflow leading to a heap-buffer overflow was found in Ope ... | bookworm, bullseye, buster, sid, stretch | |
openfortivpn | CVE-2020-7043 | An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL ... | buster |
openjpeg2 | CVE-2016-9113 | There is a NULL pointer dereference in function imagetobmp of convertb ... | bookworm, bullseye, buster, sid, stretch |
CVE-2016-9114 | There is a NULL Pointer Access in function imagetopnm of convert.c:194 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9115 | Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9116 | NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9117 | NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9580 | An integer overflow vulnerability was found in tiftoimage function in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-9581 | An infinite loop vulnerability in tiftoimage that results in heap buff ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-10505 | NULL pointer dereference vulnerabilities in the imagetopnm function in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-10506 | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, op ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-12982 | The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ... | stretch | |
CVE-2017-17479 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-5727 | In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the o ... | buster, stretch | |
CVE-2018-7648 | An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ... | buster, stretch | |
CVE-2018-16375 | An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-16376 | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-20845 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ... | buster, stretch | |
CVE-2018-20846 | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ... | bookworm, bullseye, buster, sid, stretch | |
openldap | CVE-2015-3276 | The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-14159 | slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17740 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-15719 | libldap in certain third-party OpenLDAP packages has a certificate-val ... | bookworm, bullseye, buster, sid, stretch | |
openrpt | CVE-2015-2305 | Integer overflow in the regcomp implementation in the Henry Spencer BS ... | buster, stretch |
opensc | CVE-2019-6502 | sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ... | buster, stretch |
openscad | CVE-2022-0496 | bullseye, buster, stretch | |
CVE-2022-0497 | bullseye, buster, stretch | ||
openssh | CVE-2007-2243 | OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... | bookworm, bullseye, buster, sid, stretch |
CVE-2007-2768 | OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-3234 | sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2016-20012 | ** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-15919 | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 co ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6110 | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-16905 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an expe ... | buster | |
CVE-2020-12062 | ** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplica ... | buster, stretch | |
CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepan ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-15778 | ** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-36368 | ** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a cli ... | bullseye, buster, stretch | |
openssl | CVE-2007-6755 | The NIST SP 800-90A default statement of the Dual Elliptic Curve Deter ... | bookworm, bullseye, buster, sid, stretch |
CVE-2010-0928 | OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex- ... | bookworm, bullseye, buster, sid, stretch | |
openstack-trove | CVE-2015-3156 | The _write_config function in trove/guestagent/datastore/experimental/ ... | sid, stretch |
openvpn | CVE-2006-2229 | OpenVPN 2.0.7 and earlier, when configured to use the --management opt ... | bookworm, bullseye, buster, sid, stretch |
CVE-2016-6329 | OpenVPN, when using a 64-bit block cipher, makes it easier for remote ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-7522 | OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to deni ... | stretch | |
CVE-2018-7544 | ** DISPUTED ** A cross-protocol scripting issue was discovered in the ... | bookworm, bullseye, buster, sid, stretch | |
openvswitch | CVE-2017-9263 | In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status mes ... | stretch |
CVE-2017-9264 | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS ... | stretch | |
CVE-2017-9265 | In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsin ... | stretch | |
CVE-2017-14970 | In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multip ... | stretch | |
os-prober | CVE-2008-5135 | bookworm, bullseye, buster, sid, stretch | |
otrs2 | CVE-2018-7567 | ** DISPUTED ** In the Admin Package Manager in Open Ticket Request Sys ... | bullseye, buster, sid, stretch |
pandas | CVE-2020-13091 | ** DISPUTED ** pandas through 1.0.3 can unserialize and execute comman ... | bookworm, bullseye, buster, sid, stretch |
parso | CVE-2019-12760 | ** DISPUTED ** A deserialization vulnerability exists in the way parso ... | buster |
pasdoc | CVE-2017-17527 | ** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does n ... | stretch |
passenger | CVE-2016-10345 | In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ... | bullseye, buster, stretch |
password-store | CVE-2020-28086 | pass through 1.7.3 has a possibility of using a password for an uninte ... | bookworm, bullseye, buster, sid, stretch |
patch | CVE-2010-4651 | Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ... | bookworm, bullseye, buster, sid, stretch |
CVE-2016-10713 | An issue was discovered in GNU patch before 2.7.6. Out-of-bounds acces ... | stretch | |
CVE-2018-6951 | An issue was discovered in GNU patch through 2.7.6. There is a segment ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-6952 | A double free exists in the another_hunk function in pch.c in GNU patc ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-45261 | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ... | bookworm, bullseye, buster, sid, stretch | |
pax-utils | TEMP-0856196-13C562 | scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c) | stretch |
pcf2bdf | CVE-2022-23318 | A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attac ... | bullseye, buster, stretch |
CVE-2022-23319 | A segmentation fault during PCF file parsing in pcf2bdf versions >= ... | bullseye, buster, stretch | |
pcre2 | CVE-2017-8786 | pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial o ... | stretch |
pcre3 | CVE-2017-7245 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-7246 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-11164 | In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-16231 | ** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-20838 | libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT w ... | bookworm, bullseye, buster, sid, stretch | |
pdfresurrect | CVE-2019-14267 | PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because ... | buster, stretch |
CVE-2020-9549 | In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ... | buster, stretch | |
CVE-2021-3508 | A flaw was found in PDFResurrect in version 0.22b. There is an infinit ... | bookworm, bullseye, buster, sid, stretch | |
pdns | CVE-2020-24696 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, stretch |
CVE-2020-24697 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-24698 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, stretch | |
pdns-recursor | CVE-2020-10030 | An issue has been found in PowerDNS Recursor 4.1.0 up to and including ... | buster |
perl | CVE-2011-4116 | _is_safe in the File::Temp module for Perl does not properly handle sy ... | bookworm, bullseye, buster, sid, stretch |
phabricator | CVE-2017-17536 | Phabricator before 2017-11-10 does not block the --config and --debugg ... | bookworm, bullseye, buster, sid, stretch |
phantomjs | CVE-2019-17221 | PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as d ... | buster, stretch |
php-font-lib | CVE-2014-2570 | Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP ... | bookworm, bullseye, buster, sid, stretch |
php-getid3 | CVE-2021-40926 | Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in g ... | bullseye, buster, stretch |
php-gettext | TEMP-0000000-07A77D | php-gettext XSS | bookworm, bullseye, buster, sid, stretch |
php-horde | CVE-2019-12094 | Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ... | bullseye, buster, sid, stretch |
php-horde-trean | CVE-2019-12095 | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ... | bullseye, buster, sid, stretch |
php-pear | CVE-2017-5630 | PECL in the download utility class in the Installer in PEAR Base Syste ... | bookworm, bullseye, buster, sid, stretch |
php7.0 | CVE-2015-9253 | An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before ... | stretch |
CVE-2017-9118 | PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a c ... | stretch | |
CVE-2017-9119 | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 all ... | stretch | |
CVE-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of ser ... | stretch | |
CVE-2019-6977 | gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka ... | stretch | |
phpldapadmin | CVE-2018-12689 | phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id param ... | bookworm, sid |
phpmyadmin | CVE-2005-3622 | phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ... | bookworm, bullseye, sid, stretch |
CVE-2007-4306 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ... | bookworm, bullseye, sid, stretch | |
CVE-2020-11441 | ** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated ... | bookworm, bullseye, sid, stretch | |
CVE-2022-0813 | PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially ... | bullseye, stretch | |
CVE-2022-23807 | An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before ... | bullseye, stretch | |
CVE-2022-23808 | An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ... | bullseye, stretch | |
phpsysinfo | CVE-2006-3360 | Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 all ... | bullseye, sid |
picolibc | CVE-2019-14876 | In the __lshift function of the newlib libc library, all versions prio ... | bookworm, bullseye, sid |
pidgin | CVE-2008-2956 | bookworm, bullseye, buster, sid, stretch | |
CVE-2012-1257 | Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ... | bookworm, bullseye, buster, sid, stretch | |
pillow | CVE-2020-10994 | In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multipl ... | buster, stretch |
CVE-2021-25287 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bou ... | buster, stretch | |
CVE-2021-25288 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bou ... | buster, stretch | |
pluxml | CVE-2020-18184 | In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_ ... | buster, sid, stretch |
CVE-2020-18185 | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrar ... | buster, sid, stretch | |
poppler | CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-2814 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-2818 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-2820 | An exploitable integer overflow vulnerability exists in the JPEG 2000 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-7511 | poppler since version 0.17.3 has been vulnerable to NULL pointer deref ... | stretch | |
CVE-2017-7515 | poppler through version 0.55.0 is vulnerable to an uncontrolled recurs ... | stretch | |
CVE-2017-9083 | poppler 0.54.0, as used in Evince and other products, has a NULL point ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-19059 | An issue was discovered in Poppler 0.71.0. There is a out-of-bounds re ... | buster, stretch | |
CVE-2018-19060 | An issue was discovered in Poppler 0.71.0. There is a NULL pointer der ... | buster, stretch | |
CVE-2018-19149 | Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attac ... | stretch | |
postbooks | CVE-2017-17525 | guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate st ... | buster, stretch |
postgresql-11 | CVE-2019-9193 | ** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGR ... | buster, stretch |
potrace | CVE-2017-12067 | Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubi ... | stretch |
ppp | CVE-2008-5366 | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ... | bookworm, bullseye, buster, sid, stretch |
CVE-2008-5367 | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ... | bookworm, bullseye, buster, sid, stretch | |
printfilters-ppd | CVE-2008-5034 | sid | |
proftpd-dfsg | CVE-2020-9272 | ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap ... | buster, stretch |
prometheus-blackbox-exporter | CVE-2020-16248 | ** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /pro ... | bookworm, bullseye, buster, sid, stretch |
protobuf | CVE-2015-5237 | protobuf allows remote authenticated attackers to cause a heap-based b ... | bookworm, bullseye, buster, sid, stretch |
pspp | CVE-2017-10791 | There is an Integer overflow in the hash_int function of the libpspp l ... | stretch |
CVE-2017-10792 | There is a NULL Pointer Dereference in the function ll_insert() of the ... | stretch | |
CVE-2017-12958 | There is an illegal address access in the function output_hex() in dat ... | stretch | |
CVE-2017-12959 | There is a reachable assertion abort in the function dict_add_mrset() ... | stretch | |
CVE-2017-12960 | There is a reachable assertion abort in the function dict_rename_var() ... | stretch | |
CVE-2017-12961 | There is an assertion abort in the function parse_attributes() in data ... | stretch | |
CVE-2019-9211 | There is a reachable assertion abort in the function write_long_string ... | buster, stretch | |
ptlib | CVE-2015-2305 | Integer overflow in the regcomp implementation in the Henry Spencer BS ... | stretch |
puppet | CVE-2020-7942 | Previously, Puppet operated on a model that a node with a valid certif ... | bookworm, bullseye, buster, sid, stretch |
puppet-module-puppetlabs-apache | CVE-2018-6508 | Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remot ... | bookworm, bullseye, buster, sid, stretch, bookworm, bullseye, buster, sid, stretch, bookworm, bullseye, buster, sid, stretch |
putty | CVE-2019-17069 | PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial o ... | buster, stretch |
pwgen | CVE-2013-4441 | The Phonemes mode in Pwgen 2.06 generates predictable passwords, which ... | bookworm, bullseye, buster, sid, stretch |
py-lmdb | CVE-2019-16224 | An issue was discovered in py-lmdb 0.97. For certain values of md_flag ... | bookworm, bullseye, sid, stretch |
CVE-2019-16225 | An issue was discovered in py-lmdb 0.97. For certain values of mp_flag ... | bookworm, bullseye, sid, stretch | |
CVE-2019-16226 | An issue was discovered in py-lmdb 0.97. mdb_node_del does not validat ... | bookworm, bullseye, sid, stretch | |
CVE-2019-16227 | An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ... | bookworm, bullseye, sid, stretch | |
CVE-2019-16228 | An issue was discovered in py-lmdb 0.97. There is a divide-by-zero err ... | bookworm, bullseye, sid, stretch | |
pypy | CVE-2020-29651 | A denial of service via regular expression in the py.path.svnwc compon ... | bookworm, bullseye, buster, sid, stretch, bookworm, bullseye, buster, sid |
python-defaults | CVE-2008-4108 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) i ... | bookworm, bullseye, buster, sid, stretch |
python-django | CVE-2021-32052 | In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 ( ... | buster, stretch |
python-django-celery-results | CVE-2020-17495 | django-celery-results through 1.2.1 stores task results in the databas ... | bookworm, bullseye, buster, sid |
python-mkdocs | CVE-2021-40978 | ** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory t ... | bookworm, bullseye, buster, sid, stretch |
python-numpy | CVE-2017-12852 | The numpy.pad function in Numpy 1.13.1 and older versions is missing i ... | stretch |
python-pip | CVE-2018-20225 | ** DISPUTED ** An issue was discovered in pip (all versions) because i ... | bookworm, bullseye, buster, sid, stretch |
python-scrapy | CVE-2017-14158 | Scrapy 1.4 allows remote attackers to cause a denial of service (memor ... | bookworm, bullseye, buster, sid, stretch |
python2.7 | CVE-2013-7040 | Python 2.7 before 3.4 only uses the last eight bits of the prefix to r ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-17522 | ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-1000030 | Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Hea ... | stretch | |
CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-18348 | An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ... | buster, stretch | |
python3.5 | CVE-2017-17522 | ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ... | stretch |
CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | stretch | |
python3.7 | CVE-2017-17522 | ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ... | buster |
CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | buster | |
CVE-2019-18348 | An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ... | buster | |
CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... | buster, bookworm, bullseye, sid | |
pyyaml | CVE-2017-18342 | In PyYAML before 5.1, the yaml.load() API could execute arbitrary code ... | buster, stretch |
qemu | CVE-2016-10028 | The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEM ... | stretch |
CVE-2017-5552 | Memory leak in the virgl_resource_attach_backing function in hw/displa ... | stretch | |
CVE-2017-5578 | Memory leak in the virtio_gpu_resource_attach_backing function in hw/d ... | stretch | |
CVE-2017-8284 | ** DISPUTED ** The disas_insn function in target/i386/translate.c in Q ... | stretch | |
CVE-2017-9060 | Memory leak in the virtio_gpu_set_scanout function in hw/display/virti ... | stretch | |
CVE-2018-20123 | pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ... | buster | |
CVE-2018-20124 | hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of ... | buster | |
CVE-2018-20125 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ... | buster | |
CVE-2018-20126 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ... | buster | |
CVE-2018-20191 | hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ... | buster | |
CVE-2018-20216 | QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ... | buster | |
CVE-2019-12247 | ** DISPUTED ** QEMU 3.0.0 has an Integer Overflow because the qga/comm ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12928 | ** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and earli ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-12929 | ** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-20175 | ** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-24352 | An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ... | bookworm, bullseye, sid | |
qpid-proton | CVE-2018-17187 | The Apache Qpid Proton-J transport includes an optional wrapper layer ... | stretch |
qt4-x11 | CVE-2009-3015 | QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ... | buster, stretch |
CVE-2009-3272 | Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ... | buster, stretch | |
TEMP-0560108-565B70 | browser-based css info disclosure | buster, stretch | |
TEMP-0568486-B6FCB6 | browser javascript document.write denial-of-service | buster, stretch | |
qtwebkit | CVE-2015-8079 | qt5-qtwebkit before 5.4 records private browsing URLs to its favicon d ... | buster, stretch |
quagga | CVE-2012-5521 | quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon pe ... | buster, stretch |
qutebrowser | CVE-2020-11054 | In qutebrowser versions less than 1.11.1, reloading a page with certif ... | buster |
r-cran-readxl | CVE-2021-27836 | An issue was discoverered in in function xls_getWorkSheet in xls.c in ... | bookworm, bullseye, buster, sid, stretch |
radsecproxy | CVE-2021-32642 | radsecproxy is a generic RADIUS proxy that supports both UDP and TLS ( ... | buster, stretch |
rails | CVE-2010-3299 | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ... | bookworm, bullseye, buster, sid, stretch |
CVE-2011-3187 | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17916 | ** DISPUTED ** SQL injection vulnerability in the 'find_by' method in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17917 | ** DISPUTED ** SQL injection vulnerability in the 'where' method in Ru ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17919 | ** DISPUTED ** SQL injection vulnerability in the 'order' method in Ru ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17920 | ** DISPUTED ** SQL injection vulnerability in the 'reorder' method in ... | bookworm, bullseye, buster, sid, stretch | |
rbdoom3bfg | CVE-2020-15007 | A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ... | bookworm, bullseye, buster, sid, stretch |
re2c | CVE-2018-21232 | re2c before 2.0 has uncontrolled recursion that causes stack consumpti ... | bookworm, bullseye, buster, sid, stretch |
CVE-2022-23901 | A stack overflow re2c 2.2 exists due to infinite recursion issues in s ... | bullseye, buster, stretch | |
recutils | CVE-2019-6455 | An issue was discovered in GNU Recutils 1.8. There is a double-free pr ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-6456 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6457 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6458 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6459 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-6460 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11637 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11638 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11639 | An issue was discovered in GNU recutils 1.8. There is a stack-based bu ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-11640 | An issue was discovered in GNU recutils 1.8. There is a heap-based buf ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-46019 | An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-46021 | An Use-After-Free vulnerability in rec_record_destroy() at rec-record. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-46022 | An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset ... | bookworm, bullseye, buster, sid, stretch | |
redis | CVE-2017-15047 | The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows atta ... | stretch |
CVE-2020-21468 | ** DISPUTED ** A segmentation fault in the redis-server component of R ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-3470 | A heap overflow issue was found in Redis in versions before 5.0.10, be ... | buster, stretch | |
resiprocate | CVE-2017-9454 | Buffer overflow in the ares_parse_a_reply function in the embedded are ... | stretch |
rhn-client-tools | CVE-2015-1777 | rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Re ... | stretch |
rhythmbox | CVE-2008-7185 | GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of se ... | bookworm, bullseye, buster, sid, stretch |
ring | CVE-2022-24786 | PJSIP is a free and open source multimedia communication library writt ... | bullseye, buster, sid, stretch |
CVE-2022-24792 | PJSIP is a free and open source multimedia communication library writt ... | bullseye, buster, sid, stretch | |
roundcube | CVE-2020-12640 | Roundcube Webmail before 1.4.4 allows attackers to include local files ... | stretch |
CVE-2020-12641 | rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to ... | stretch | |
rpm | CVE-2010-2198 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, buster, sid, stretch |
CVE-2010-2199 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-7500 | It was found that rpm did not properly handle RPM installations when a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-7501 | It was found that versions of rpm before 4.13.0.2 use temporary files ... | bookworm, bullseye, buster, sid, stretch | |
rsyslog | CVE-2015-3243 | rsyslog uses weak permissions for generating log files, which allows l ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-12588 | The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ... | stretch | |
rtpproxy | CVE-2017-14114 | RTPproxy through 2.2.alpha.20160822 has a NAT feature that results in ... | sid, stretch |
rtv | CVE-2017-17516 | scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 d ... | bookworm, bullseye, buster, sid, stretch |
ruamel.yaml | CVE-2019-20478 | In ruamel.yaml through 0.16.7, the load method allows remote code exec ... | bookworm, bullseye, buster, sid, stretch |
ruby-handlebars-assets | TEMP-0000000-345A3B | handlebars: quoteless attributes in templates can lead to content injection | bullseye, buster, sid, stretch |
ruby-oauth | CVE-2016-11086 | lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ... | bookworm, bullseye, buster, sid, stretch |
salt | CVE-2021-22004 | An issue was discovered in SaltStack Salt before 3003.3. The salt mini ... | bullseye, buster, stretch |
samba | CVE-2019-3824 | A flaw was found in the way an LDAP search expression could crash the ... | stretch |
CVE-2020-27840 | A flaw was found in samba. Spaces used in a string around a domain nam ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-20277 | A flaw was found in Samba's libldb. Multiple, consecutive leading spac ... | bookworm, bullseye, buster, sid, stretch | |
sarg | CVE-2019-18932 | log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows ... | stretch |
scala | CVE-2017-15288 | The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, ... | stretch |
scikit-learn | CVE-2020-13092 | ** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unseriali ... | bookworm, bullseye, buster, sid, stretch |
scummvm | CVE-2017-17528 | backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not valida ... | bookworm, bullseye, buster, sid, stretch |
seahorse | CVE-2008-7320 | ** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate ... | bookworm, bullseye, buster, sid, stretch |
shadow | CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... | bookworm, bullseye, buster, sid, stretch |
CVE-2013-4235 | shadow: TOCTOU (time-of-check time-of-use) race condition when copying ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-19882 | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch L ... | bookworm, bullseye, buster, sid, stretch | |
TEMP-0628843-DBAD28 | more related to CVE-2005-4890 | bookworm, bullseye, buster, sid, stretch | |
shadowsocks-libev | CVE-2019-5152 | An exploitable information disclosure vulnerability exists in the netw ... | bookworm, bullseye, buster, sid, stretch |
shairport-sync | CVE-2017-12087 | An exploitable heap overflow vulnerability exists in the tinysvcmdns l ... | stretch |
sharutils | TEMP-0000000-95CBBF | uudecode: stack out of bounds read access | bookworm, bullseye, buster, sid, stretch |
shibboleth-sp | CVE-2019-19191 | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ... | bookworm, bullseye, buster, sid |
sipcrack | CVE-2017-11654 | An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-11655 | A memory leak was found in the way SIPcrack 0.2 handled processing of ... | bookworm, bullseye, buster, sid, stretch | |
sleuthkit | CVE-2017-13755 | In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image trigge ... | stretch |
CVE-2017-13756 | In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers i ... | stretch | |
CVE-2017-13760 | In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in t ... | stretch | |
CVE-2019-14531 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-14532 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010065 | The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The ... | stretch | |
CVE-2020-10233 | In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ... | bookworm, bullseye, buster, sid, stretch | |
slic3r | CVE-2020-28590 | An out-of-bounds read vulnerability exists in the Obj File TriangleMes ... | bookworm, bullseye, buster, sid |
CVE-2020-28591 | An out-of-bounds read vulnerability exists in the AMF File AMFParserCo ... | buster | |
slim | TEMP-0537604-F35BD7 | insecure tmp file vulnerability in slim | bookworm, bullseye, buster, sid, stretch |
slurm-llnl | CVE-2019-19727 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd ... | buster, stretch |
sosreport | CVE-2014-0246 | SOSreport stores the md5 hash of the GRUB bootloader password in an ar ... | bookworm, bullseye, buster, sid, stretch |
sphinxsearch | CVE-2019-14511 | Sphinx Technologies Sphinx 3.1.1 by default has no authentication and ... | buster, stretch |
spice-gtk | CVE-2016-3066 | The spice-gtk widget allows remote authenticated users to obtain infor ... | bookworm, bullseye, buster, sid, stretch |
spotweb | CVE-2021-40968 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch |
CVE-2021-40969 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch | |
CVE-2021-40970 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch | |
CVE-2021-40971 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch | |
CVE-2021-40972 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch | |
CVE-2021-40973 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster, stretch | |
sql-ledger | CVE-2007-0667 | The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ... | bookworm, bullseye, buster, sid, stretch |
CVE-2007-1329 | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-1923 | (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2007-5372 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-4077 | The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2008-4078 | SQL injection vulnerability in the AR/AP transaction report in (1) Led ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3580 | Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3581 | Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3582 | Multiple SQL injection vulnerabilities in the delete subroutine in SQL ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3583 | Directory traversal vulnerability in the Preferences menu item in SQL- ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-3584 | SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-4402 | The default configuration of SQL-Ledger 2.8.24 allows remote attackers ... | bookworm, bullseye, buster, sid, stretch | |
sqlite3 | CVE-2017-13685 | The dump_callback function in SQLite 3.20.0 allows remote attackers to ... | stretch |
CVE-2019-19244 | sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ... | buster | |
CVE-2020-11656 | In SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ... | buster, stretch | |
CVE-2021-36690 | ** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ... | bullseye, buster | |
sqliteodbc | CVE-2020-12050 | SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ... | bookworm, bullseye, buster, sid, stretch |
squid | CVE-2019-12522 | An issue was discovered in Squid through 4.7. When Squid is run as roo ... | bookworm, bullseye, buster, sid |
CVE-2020-8517 | An issue was discovered in Squid before 4.10. Due to incorrect input v ... | buster | |
CVE-2020-14058 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due ... | buster | |
squid3 | CVE-2018-1172 | This vulnerability allows remote attackers to deny service on vulnerab ... | stretch |
CVE-2018-19131 | Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S ... | stretch | |
CVE-2019-12522 | An issue was discovered in Squid through 4.7. When Squid is run as roo ... | stretch | |
CVE-2020-8517 | An issue was discovered in Squid before 4.10. Due to incorrect input v ... | stretch | |
CVE-2020-14058 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due ... | stretch | |
ssmtp | CVE-2004-0423 | The log_event function in ssmtp 2.50.6 and earlier allows local users ... | bookworm, bullseye, sid, stretch |
CVE-2008-7258 | bookworm, bullseye, sid, stretch | ||
stalin | CVE-2015-8697 | stalin 0.11-5 allows local users to write to arbitrary files. ... | bookworm, bullseye, buster, sid, stretch |
strongswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, buster, sid, stretch |
sudo | CVE-2005-1119 | Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-19232 | ** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Ru ... | buster, stretch | |
CVE-2019-19234 | ** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been b ... | buster, stretch | |
CVE-2021-23240 | selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a loc ... | buster, stretch | |
supervisor | CVE-2019-12105 | ** DISPUTED ** In Supervisor through 4.0.2, an unauthenticated user ca ... | bookworm, bullseye, buster, sid, stretch |
surf | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, buster, sid, stretch |
svgpp | CVE-2019-6245 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, buster, sid |
CVE-2019-6247 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, buster, sid | |
swftools | CVE-2017-8401 | In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the ... | stretch |
CVE-2017-8420 | SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address ... | stretch | |
CVE-2017-9924 | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ... | stretch | |
CVE-2017-9925 | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ... | stretch | |
CVE-2017-9926 | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ... | stretch | |
CVE-2017-9927 | In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attacker ... | stretch | |
CVE-2017-10976 | When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead t ... | stretch | |
CVE-2017-11096 | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lea ... | stretch | |
CVE-2017-11097 | When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a ... | stretch | |
CVE-2017-11098 | When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead t ... | stretch | |
CVE-2017-11099 | When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead t ... | stretch | |
CVE-2017-11100 | When SWFTools 0.9.2 processes a crafted file in swfextract, it can lea ... | stretch | |
CVE-2017-11101 | When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lea ... | stretch | |
CVE-2017-16711 | The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c ... | stretch | |
CVE-2017-16794 | The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ... | stretch | |
CVE-2017-16796 | In SWFTools 0.9.2, the png_load function in lib/png.c does not check t ... | stretch | |
CVE-2017-16868 | In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not ... | stretch | |
CVE-2017-16890 | SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono func ... | stretch | |
CVE-2017-1000174 | In SWFTools, an address access exception was found in swfdump swf_GetB ... | stretch | |
CVE-2017-1000182 | In SWFTools, a memory leak was found in wav2swf. ... | stretch | |
CVE-2017-1000186 | In SWFTools, a stack overflow was found in pdf2swf. ... | stretch | |
CVE-2017-1000187 | In SWFTools, an address access exception was found in pdf2swf. FoFiTru ... | stretch | |
swi-prolog | CVE-2017-17524 | library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings b ... | bookworm, bullseye, buster, sid, stretch |
sylpheed | CVE-2007-1267 | Sylpheed 2.2.7 and earlier does not properly use the --status-fd argum ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-17517 | libsylph/utils.c in Sylpheed through 3.6 does not validate strings bef ... | bookworm, bullseye, buster, sid, stretch | |
symfony | CVE-2017-18343 | ** DISPUTED ** The debug handler in Symfony before v2.7.33, 2.8.x befo ... | stretch |
CVE-2018-12040 | ** DISPUTED ** Reflected Cross-site scripting (XSS) vulnerability in t ... | stretch | |
sysstat | CVE-2019-19725 | sysstat through 12.2.0 has a double free in check_file_actlst in sa_co ... | buster |
systemd | CVE-2013-4392 | systemd, when updating file permissions, allows local users to change ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-18078 | systemd-tmpfiles in systemd before 237 attempts to support ownership/p ... | stretch | |
CVE-2017-1000082 | systemd v233 and earlier fails to safely parse usernames starting with ... | stretch | |
CVE-2019-20386 | An issue was discovered in button_open in login/logind-button.c in sys ... | buster, stretch | |
CVE-2020-13529 | An exploitable denial-of-service vulnerability exists in Systemd 245. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-13776 | systemd through v245 mishandles numerical usernames such as ones compo ... | buster, stretch | |
sysvinit | TEMP-0517018-A83CE6 | sysvinit: no-root option in expert installer exposes locally exploitable security flaw | bookworm, bullseye, buster, sid, stretch |
t1utils | TEMP-0868134-294030 | out-of-bounds read in eexec_line() | stretch |
tar | CVE-2005-2541 | Tar 1.15.1 does not properly warn the user when extracting setuid or s ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-9923 | pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointe ... | buster, stretch | |
CVE-2021-20193 | A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw ... | buster, stretch | |
TEMP-0290435-0B57B5 | tar's rmt command may have undesired side effects | bookworm, bullseye, buster, sid, stretch | |
tcc | CVE-2018-20374 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-20375 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-20376 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, stretch | |
tcl8.6 | CVE-2021-35331 | ** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehl ... | bookworm, bullseye, buster, sid, stretch |
tcpdump | CVE-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer ... | buster, stretch |
CVE-2018-19519 | In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-1010220 | tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. T ... | bookworm, bullseye, buster, sid, stretch | |
tcpflow | CVE-2018-18409 | A stack-based buffer over-read exists in setbit() at iptree.h of TCPFL ... | stretch |
tcpreplay | CVE-2019-8376 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ... | buster, stretch |
CVE-2019-8377 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ... | buster, stretch | |
CVE-2019-8381 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access o ... | buster, stretch | |
CVE-2020-12740 | tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-rea ... | buster, stretch | |
CVE-2020-18976 | Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial ... | buster, stretch | |
CVE-2020-23273 | Heap-buffer overflow in the randomize_iparp function in edit_packet.c. ... | buster, stretch | |
CVE-2020-24265 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye, buster, stretch | |
CVE-2020-24266 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye, buster, stretch | |
CVE-2021-45386 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c ... | bookworm, bullseye, buster, stretch | |
CVE-2021-45387 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c ... | bookworm, bullseye, buster, stretch | |
CVE-2022-25484 | tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in pac ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-27416 | Tcpreplay v4.4.1 was discovered to contain a double-free via __interce ... | bookworm, bullseye, buster, stretch | |
CVE-2022-27418 | Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math ... | bookworm, bullseye, buster, stretch | |
CVE-2022-27939 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_ ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-27940 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-27941 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-27942 | tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_ ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-28487 | Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ... | bookworm, bullseye, buster, sid, stretch | |
telegram-desktop | CVE-2018-17231 | ** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow atta ... | bookworm, bullseye, buster, sid |
CVE-2018-17613 | Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enab ... | bookworm, bullseye, buster, sid | |
texlive-base | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, stretch |
texlive-bin | CVE-2016-10243 | TeX Live allows remote attackers to execute arbitrary commands by leve ... | buster, stretch |
CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-19601 | OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ... | bookworm, bullseye, buster, sid, stretch | |
thrift-compiler | CVE-2016-5397 | The Apache Thrift Go client library exposed the potential during code ... | stretch |
thunar | CVE-2018-18398 | Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ... | bookworm, bullseye, buster, sid, stretch |
TEMP-0517020-915121 | thunar: potential exploits via application launchers | bookworm, bullseye, buster, sid, stretch | |
tiff | CVE-2014-8130 | The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not rejec ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-5563 | LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-9117 | In LibTIFF 4.0.7, the program processes BMP images without verifying t ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-16232 | ** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-17973 | ** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-10126 | LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 fu ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18661 | An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dere ... | stretch | |
CVE-2019-6128 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory l ... | stretch | |
CVE-2020-35521 | A flaw was found in libtiff. Due to a memory allocation failure in tif ... | buster, stretch | |
CVE-2020-35522 | In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A craf ... | buster, stretch | |
CVE-2022-1056 | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers ... | bookworm, bullseye, buster, sid, stretch | |
timidity | CVE-2017-11546 | The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allo ... | stretch |
CVE-2017-11547 | The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows ... | stretch | |
CVE-2017-11549 | The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remot ... | bookworm, bullseye, buster, sid, stretch | |
tin | CVE-2017-17520 | ** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate str ... | bookworm, bullseye, buster, sid, stretch |
tinymux | CVE-2007-1959 | Unspecified vulnerability in the process_cmdent function in command.cp ... | bookworm, bullseye, buster, sid, stretch |
tinyxml2 | CVE-2018-11210 | ** DISPUTED ** TinyXML2 6.2.0 has a heap-based buffer over-read in the ... | bookworm, bullseye, buster, sid, stretch |
tomcat7 | CVE-2012-5568 | Apache Tomcat through 7.0.x allows remote attackers to cause a denial ... | stretch |
CVE-2021-24122 | When serving resources from a network location using the NTFS file sys ... | stretch, buster | |
tor | CVE-2006-6893 | Tor allows remote attackers to discover the IP address of a hidden ser ... | bookworm, bullseye, buster, sid, stretch |
CVE-2007-1103 | Tor does not verify a node's uptime and bandwidth advertisements, whic ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2009-0654 | Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attacke ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-8516 | ** DISPUTED ** The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2020-15572 | Tor before 0.4.3.6 has an out-of-bounds memory access that allows a re ... | buster, stretch | |
triplea | CVE-2018-1000546 | Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XX ... | bookworm, bullseye, sid, stretch |
trousers | CVE-2020-24330 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster, stretch |
CVE-2020-24331 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster, stretch | |
CVE-2020-24332 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster, stretch | |
twig | CVE-2018-13818 | ** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection ... | stretch |
u-boot | CVE-2017-3225 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-3226 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18439 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer over ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18440 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overf ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-1000205 | U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ... | bookworm, bullseye, buster, sid, stretch | |
uclibc | CVE-2017-9728 | In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp f ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-9729 | In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-27419 | uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-arou ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-43523 | In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-30295 | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable D ... | bookworm, bullseye, buster, sid, stretch | |
ufraw | CVE-2018-19655 | A stack-based buffer overflow in the find_green() function of dcraw th ... | stretch |
uglifyjs | CVE-2015-8857 | The uglify-js package before 2.4.24 for Node.js does not properly acco ... | bookworm, bullseye, buster, sid, stretch |
unbound | CVE-2019-18934 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec modul ... | buster |
CVE-2019-25031 | ** DISPUTED ** Unbound before 1.9.5 allows configuration injection in ... | buster | |
CVE-2019-25032 | ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ... | buster | |
CVE-2019-25033 | ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ... | buster | |
CVE-2019-25034 | ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldn ... | buster | |
CVE-2019-25035 | ** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in s ... | buster | |
CVE-2019-25036 | ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ... | buster | |
CVE-2019-25037 | ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ... | buster | |
CVE-2019-25038 | ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ... | buster | |
CVE-2019-25039 | ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ... | buster | |
CVE-2019-25040 | ** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a comp ... | buster | |
CVE-2019-25041 | ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a ... | buster | |
CVE-2019-25042 | ** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via ... | buster | |
undertow | CVE-2019-19343 | A flaw was found in Undertow when using Remoting as shipped in Red Hat ... | bookworm, sid |
unixodbc | CVE-2012-2657 | stretch | |
CVE-2012-2658 | stretch | ||
unrar-free | CVE-2017-11189 | unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a ... | stretch |
CVE-2017-11190 | unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ... | bullseye, buster, stretch | |
unzip | CVE-2021-4217 | Null pointer dereference in Unicode strings code | bookworm, bullseye, buster, sid, stretch |
upx-ucl | CVE-2017-15056 | p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote a ... | stretch |
CVE-2017-16869 | ** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ... | stretch | |
CVE-2019-14295 | An Integer overflow in the getElfSections function in p_vmlinx.cpp in ... | buster, stretch | |
CVE-2019-14296 | canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause ... | buster, stretch | |
CVE-2019-20021 | A heap-based buffer over-read was discovered in canUnpack in p_mach.cp ... | buster, stretch | |
CVE-2019-20051 | A floating-point exception was discovered in PackLinuxElf::elf_hash in ... | buster, stretch | |
CVE-2019-20053 | An invalid memory address dereference was discovered in the canUnpack ... | buster, stretch | |
CVE-2019-20805 | p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacki ... | buster, stretch | |
CVE-2020-24119 | A heap buffer overflow read was discovered in upx 4.0.0, because the c ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-20285 | A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-30500 | Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-30501 | An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ... | bookworm, bullseye, buster, sid, stretch | |
util-linux | CVE-2022-0563 | A flaw was found in the util-linux chfn and chsh utilities when compil ... | bookworm, bullseye, buster, sid, stretch |
uwsgi | CVE-2020-11984 | Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure an ... | bookworm, bullseye, buster, sid |
CVE-2021-36160 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ... | bookworm, bullseye, buster, sid | |
uzbl | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | stretch |
varnish | CVE-2009-4488 | ** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitiz ... | bullseye, buster, sid, stretch |
vim | CVE-2008-4677 | autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ... | bookworm, bullseye, buster, sid, stretch |
CVE-2017-1000382 | VIM version 8.0.1187 (and other versions most likely) ignores umask wh ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1620 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1629 | Buffer Over-read in function find_next_quote in GitHub repository vim/ ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1725 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1733 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1735 | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2. ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2022-1769 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. ... | bookworm, bullseye, buster, sid, stretch | |
vino | CVE-2011-1164 | Vino before 2.99.4 can connect external networks contrary to the state ... | bookworm, bullseye, buster, sid, stretch |
CVE-2011-1165 | Vino, possibly before 3.2, does not properly document that it opens po ... | bookworm, bullseye, buster, sid, stretch | |
vorbis-tools | CVE-2017-11331 | The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ... | bookworm, bullseye, buster, sid, stretch |
vte | CVE-2005-0023 | gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to sp ... | bookworm, bullseye, buster, sid, stretch |
w3m | TEMP-0532514-9137E0 | predictable random number generator used in web browsers | bookworm, bullseye, buster, sid, stretch |
wavpack | CVE-2021-44269 | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV f ... | bookworm, bullseye, buster, sid, stretch |
webkit2gtk | CVE-2017-17821 | WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology ... | stretch |
CVE-2018-4101 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4113 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4114 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4117 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4118 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4119 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4120 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4121 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4122 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4125 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4127 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4128 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4129 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4133 | An issue was discovered in certain Apple products. Safari before 11.1 ... | stretch | |
CVE-2018-4146 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4161 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4162 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4163 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4165 | An issue was discovered in certain Apple products. iOS before 11.3 is ... | stretch | |
CVE-2018-4190 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4191 | A memory corruption issue was addressed with improved validation. This ... | stretch | |
CVE-2018-4192 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4197 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4199 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4200 | An issue was discovered in certain Apple products. iOS before 11.3.1 i ... | stretch | |
CVE-2018-4201 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4204 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4207 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ... | stretch | |
CVE-2018-4208 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ... | stretch | |
CVE-2018-4209 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ... | stretch | |
CVE-2018-4210 | In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS befo ... | stretch | |
CVE-2018-4212 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ... | stretch | |
CVE-2018-4213 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, ... | stretch | |
CVE-2018-4214 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4218 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4222 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4232 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4233 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4246 | An issue was discovered in certain Apple products. iOS before 11.4 is ... | stretch | |
CVE-2018-4261 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4262 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11 ... | stretch | |
CVE-2018-4263 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4264 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4265 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4266 | A race condition was addressed with additional validation. This issue ... | stretch | |
CVE-2018-4267 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4270 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2018-4271 | Multiple memory corruption issues were addressed with improved input v ... | stretch | |
CVE-2018-4272 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4273 | Multiple memory corruption issues were addressed with improved input v ... | stretch | |
CVE-2018-4278 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11 ... | stretch | |
CVE-2018-4284 | A type confusion issue was addressed with improved memory handling. Th ... | stretch | |
CVE-2018-4299 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4306 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4309 | A cross-site scripting issue existed in Safari. This issue was address ... | stretch | |
CVE-2018-4311 | The issue was addressed by removing origin information. This issue aff ... | stretch | |
CVE-2018-4312 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4314 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4315 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4316 | A memory corruption issue was addressed with improved state management ... | stretch | |
CVE-2018-4317 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4318 | A use after free issue was addressed with improved memory management. ... | stretch | |
CVE-2018-4319 | A cross-origin issue existed with "iframe" elements. This was addresse ... | stretch | |
CVE-2018-4323 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4328 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4345 | A cross-site scripting issue existed in Safari. This issue was address ... | stretch | |
CVE-2018-4358 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4359 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4361 | A memory consumption issue was addressed with improved memory handling ... | stretch | |
CVE-2018-4372 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4373 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4375 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4376 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4378 | A memory corruption issue was addressed with improved validation. This ... | stretch | |
CVE-2018-4382 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4386 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4392 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4416 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4437 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-4438 | A logic issue existed resulting in memory corruption. This was address ... | stretch | |
CVE-2018-4441 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2018-4442 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2018-4443 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2018-4464 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2018-11646 | webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIco ... | stretch | |
CVE-2018-11712 | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the li ... | stretch | |
CVE-2018-11713 | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the li ... | stretch | |
CVE-2018-12293 | The getImageData function in the ImageBufferCairo class in WebCore/pla ... | stretch | |
CVE-2018-12294 | WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as ... | stretch | |
CVE-2018-12911 | WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bou ... | stretch | |
CVE-2019-6212 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2019-6215 | A type confusion issue was addressed with improved memory handling. Th ... | stretch | |
CVE-2019-6216 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2019-6217 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2019-6226 | Multiple memory corruption issues were addressed with improved memory ... | stretch | |
CVE-2019-6227 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2019-6229 | A logic issue was addressed with improved validation. This issue is fi ... | stretch | |
CVE-2019-6233 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2019-6234 | A memory corruption issue was addressed with improved memory handling. ... | stretch | |
CVE-2019-8375 | The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.9 ... | stretch | |
webkitgtk | CVE-2016-1856 | WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ... | stretch |
CVE-2016-1857 | WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tv ... | stretch | |
CVE-2016-4657 | WebKit in Apple iOS before 9.3.5 allows remote attackers to execute ar ... | stretch | |
CVE-2016-4761 | WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow rem ... | stretch | |
CVE-2016-9642 | JavaScriptCore in WebKit allows attackers to cause a denial of service ... | stretch | |
CVE-2016-9643 | The regex code in Webkit 2.4.11 allows remote attackers to cause a den ... | stretch | |
CVE-2016-10222 | runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in ... | stretch | |
CVE-2016-10226 | JavaScriptCore in WebKit, as distributed in Safari Technology Preview ... | stretch | |
CVE-2017-2367 | An issue was discovered in certain Apple products. iOS before 10.3 is ... | stretch | |
CVE-2017-5949 | JavaScriptCore in WebKit, as distributed in Safari Technology Preview ... | stretch | |
whitedune | CVE-2017-17518 | ** DISPUTED ** swt/motif/browser.c in White_dune (aka whitedune) 0.30. ... | bookworm, bullseye, buster, sid, stretch |
wine | TEMP-0816034-9C45DC | unsafe use of /tmp | stretch, stretch |
wordpress | CVE-2006-0733 | ** DISPUTED ** Cross-site scripting (XSS) vulnerability in WordPress 2 ... | bookworm, bullseye, buster, sid, stretch |
CVE-2008-0191 | WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2011-4898 | ** DISPUTED ** wp-admin/setup-config.php in the installation component ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2011-4899 | ** DISPUTED ** wp-admin/setup-config.php in the installation component ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2012-0782 | ** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2012-0937 | ** DISPUTED ** wp-admin/setup-config.php in the installation component ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2012-5868 | WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2013-7233 | Cross-site request forgery (CSRF) vulnerability in the retrospam compo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2017-6514 | WordPress 4.7.2 mishandles listings of post authors, which allows remo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-6389 | In WordPress through 4.9.2, unauthenticated attackers can cause a deni ... | bookworm, bullseye, buster, sid, stretch | |
wpa | CVE-2016-10743 | hostapd before 2.6 does not prevent use of the low-quality PRNG that i ... | stretch |
CVE-2017-13084 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2019-5061 | An exploitable denial-of-service vulnerability exists in the hostapd 2 ... | buster, stretch | |
CVE-2019-5062 | An exploitable denial-of-service vulnerability exists in the 802.11w s ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2021-30004 | In wpa_supplicant and hostapd 2.9, forging attacks may occur because A ... | bookworm, bullseye, buster, sid, stretch | |
xbindkeys-config | CVE-2014-9513 | Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows rem ... | bookworm, bullseye, buster, sid, stretch |
xchat | CVE-2011-5129 | Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote at ... | buster |
xdg-user-dirs | CVE-2017-15131 | It was found that system umask policy is not being honored when creati ... | bookworm, bullseye, buster, sid, stretch |
xen | CVE-2014-9066 | Xen 4.4.x and earlier, when using a large number of VCPUs, does not pr ... | bookworm, bullseye, buster, sid, stretch |
CVE-2021-28689 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests ... | bookworm, bullseye, buster, sid, stretch | |
xerces-c | CVE-2012-0880 | Apache Xerces-C++ allows remote attackers to cause a denial of service ... | bookworm, bullseye, buster, sid, stretch |
xfig | CVE-2009-4228 | Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ... | bookworm, bullseye, buster, sid, stretch |
xloadimage | CVE-2006-4484 | Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in ... | bookworm, bullseye, buster, sid, stretch |
xpdf | CVE-2010-0206 | xpdf allows remote attackers to cause a denial of service (NULL pointe ... | bookworm, bullseye, buster, sid, stretch |
CVE-2010-0207 | In xpdf, the xref table contains an infinite loop which allows remote ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7173 | A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7174 | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7175 | An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7452 | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7453 | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7454 | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-7455 | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8100 | The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8101 | The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8102 | The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8103 | The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8104 | The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8105 | The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8106 | The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-8107 | The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-11033 | The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-16368 | SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-16369 | XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18454 | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18455 | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18456 | The function Object::isName() in Object.h (called from Gfx::opSetFillC ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18457 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18458 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ... | bookworm, bullseye, buster, sid, stretch | |
CVE-2018-18459 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, buster, sid, stretch | |
xterm | CVE-2006-4447 | X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ... | bookworm, bullseye, buster, sid, stretch |
yabasic | CVE-2019-19720 | Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ... | bookworm, bullseye, buster, sid, stretch |
CVE-2019-19796 | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in functio ... | bookworm, bullseye, buster, sid, stretch | |
yara | CVE-2019-19648 | In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ... | bookworm, bullseye, buster, sid, stretch |
yaws | CVE-2009-4495 | Yaws 1.85 writes data to a log file without sanitizing non-printable c ... | bookworm, bullseye, buster, sid, stretch |
yum | CVE-2013-1910 | yum does not properly handle bad metadata, which allows an attacker to ... | buster, stretch |
zeek | CVE-2021-41732 | ** DISPUTED ** An issue was discovered in zeek version 4.1.0. There is ... | sid |
zim | CVE-2020-10870 | Zim through 0.72.1 creates temporary directories with predictable name ... | buster, stretch |
zip | CVE-2018-13410 | ** DISPUTED ** Info-ZIP Zip 3.0, when the -T and -TT command-line opti ... | bookworm, bullseye, buster, sid, stretch |
zoneminder | CVE-2019-7350 | Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ... | bookworm, bullseye, sid |
CVE-2019-7351 | Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ... | bookworm, bullseye, sid | |
CVE-2019-8423 | ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ... | bookworm, bullseye, sid | |
CVE-2019-8425 | includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ... | bookworm, bullseye, sid | |
CVE-2019-8427 | daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ... | bookworm, bullseye, sid | |
CVE-2019-8429 | ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ... | bookworm, bullseye, sid | |
CVE-2022-29806 | ZoneMinder before 1.36.13 allows remote code execution via an invalid ... | bullseye | |
zoph | CVE-2014-9235 | Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Pho ... | bookworm, bullseye, buster, sid |
CVE-2014-9236 | Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zop ... | bookworm, bullseye, buster, sid | |
zsh | CVE-2017-18205 | In builtin.c in zsh before 5.4, when sh compatibility mode is used, th ... | stretch |
CVE-2018-7548 | In subst.c in zsh through 5.4.2, there is a NULL pointer dereference w ... | stretch | |
CVE-2018-7549 | In params.c in zsh through 5.4.2, there is a crash during a copy of an ... | stretch | |
zziplib | CVE-2018-6542 | In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ... | bookworm, bullseye, buster, sid, stretch |
CVE-2018-7727 | An issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ... | bookworm, bullseye, buster, sid, stretch | |
zziplib | CVE-2018-17828 | Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ... | bookworm, bullseye, buster, sid, stretch |