This page lists packages that are affected by issues that are considered unimportant from a security perspective. These issues are thought to be unexploitable or uneffective in most situations (for example, browser denial-of-services).
| Package | Bug | Description | Releases |
|---|---|---|---|
| 389-ds-base | CVE-2016-5416 | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ... | bookworm, bullseye, buster, sid, trixie |
| 9base | CVE-2014-1935 | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results ... | bookworm, bullseye, buster, sid, trixie |
| abcm2ps | CVE-2021-32434 | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in th ... | bullseye, buster |
| CVE-2021-32436 | An out-of-bounds read in the function write_title() in subs.c of abcm2 ... | bullseye, buster | |
| abiword | CVE-2017-17529 | af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ... | bookworm, bullseye, buster, sid |
| activemq | CVE-2019-0222 | In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ... | buster |
| CVE-2020-1941 | In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open ... | buster | |
| CVE-2020-13947 | An instance of a cross-site scripting vulnerability was identified to ... | buster | |
| CVE-2022-41678 | Once an user is authenticated on Jolokia, he can potentially trigger a ... | bookworm, bullseye, buster | |
| adns | CVE-2017-9103 | An issue was discovered in adns before 1.5.2. pap_mailbox822 does not ... | buster |
| CVE-2017-9104 | An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if ... | buster | |
| CVE-2017-9105 | An issue was discovered in adns before 1.5.2. It corrupts a pointer wh ... | buster | |
| CVE-2017-9106 | An issue was discovered in adns before 1.5.2. adns_rr_info mishandles ... | buster | |
| CVE-2017-9107 | An issue was discovered in adns before 1.5.2. It overruns reading a bu ... | buster | |
| CVE-2017-9108 | An issue was discovered in adns before 1.5.2. adnshost mishandles a mi ... | buster | |
| CVE-2017-9109 | An issue was discovered in adns before 1.5.2. It fails to ignore appar ... | buster | |
| advancecomp | CVE-2022-35014 | Advancecomp v2.3 contains a segmentation fault. | bullseye, buster |
| CVE-2022-35015 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via ... | bullseye, buster | |
| CVE-2022-35016 | Advancecomp v2.3 was discovered to contain a heap buffer overflow. | bullseye, buster | |
| CVE-2022-35017 | Advancecomp v2.3 was discovered to contain a heap buffer overflow. | bullseye, buster | |
| CVE-2022-35018 | Advancecomp v2.3 was discovered to contain a segmentation fault. | bullseye, buster | |
| CVE-2022-35020 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via ... | bullseye, buster | |
| CVE-2023-2961 | A segmentation fault flaw was found in the Advancecomp package. This m ... | bullseye, buster | |
| android-framework-23 | CVE-2017-0752 | A elevation of privilege vulnerability in the Android framework (windo ... | bullseye, buster, sid |
| CVE-2017-0822 | An elevation of privilege vulnerability in the Android system (camera) ... | bullseye, buster, sid | |
| android-platform-frameworks-base | CVE-2021-39796 | In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there ... | bookworm, bullseye, buster, sid |
| CVE-2022-20011 | In getArray of NotificationManagerService.java , there is a possible l ... | bookworm, bullseye, buster, sid | |
| android-platform-frameworks-native | CVE-2015-3875 | libutils in Android before 5.1.1 LMY48T allows remote attackers to exe ... | bookworm, bullseye, buster, sid |
| CVE-2015-6602 | libutils in Android through 5.1.1 LMY48M allows remote attackers to ex ... | bookworm, bullseye, buster, sid | |
| CVE-2015-6609 | libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ... | bookworm, bullseye, buster, sid | |
| android-platform-system-core | CVE-2012-5564 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ... | bullseye, buster |
| CVE-2017-0841 | A remote code execution vulnerability in the Android system (libutils) ... | bullseye, buster | |
| android-tools | CVE-2012-5564 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ... | buster |
| anjuta | CVE-2021-42522 | There is a Information Disclosure vulnerability in anjuta/plugins/docu ... | bookworm, bullseye, buster |
| ansible | CVE-2020-1734 | A flaw was found in the pipe lookup plugin of ansible. Arbitrary comma ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-1736 | A flaw was found in Ansible Engine when a file is moved using atomic_m ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-1737 | A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9 ... | buster | |
| CVE-2020-1738 | A flaw was found in Ansible Engine when the module package or service ... | bookworm, bullseye, buster, sid, trixie | |
| ant | CVE-2021-36373 | When reading a specially crafted TAR archive an Apache Ant build can b ... | bullseye, buster |
| CVE-2021-36374 | When reading a specially crafted ZIP archive, or a derived formats, an ... | bullseye, buster | |
| apache2 | CVE-2001-1534 | mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2003-1307 | The mod_php module for the Apache HTTP Server allows local users with ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2003-1580 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2003-1581 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-0086 | The Apache HTTP Server, when accessed through a TCP connection with a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-1743 | suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-3303 | Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-0456 | CRLF injection vulnerability in the mod_negotiation module in the Apac ... | bookworm, bullseye, buster, sid, trixie | |
| apparmor | CVE-2016-1585 | In all versions of AppArmor mount rules are accidentally widened when ... | bookworm, bullseye, buster |
| apt | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | bookworm, bullseye, buster, sid, trixie |
| apt-setup | CVE-2005-2214 | apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ... | bookworm, bullseye, buster, sid, trixie |
| arm-trusted-firmware | CVE-2022-47630 | Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 ... | bookworm, bullseye, buster |
| asn1c | CVE-2017-12966 | The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-23910 | Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-23911 | An issue was discovered in asn1c through v0.9.28. A NULL pointer deref ... | bookworm, bullseye, buster, sid, trixie | |
| avahi | CVE-2017-6519 | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ... | buster |
| awffull | CVE-2007-0510 | Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) prese ... | bookworm, bullseye, buster, sid, trixie |
| awstats | CVE-2018-10245 | A Full Path Disclosure vulnerability in AWStats through 7.6 allows rem ... | bookworm, bullseye, buster, sid, trixie |
| axis | CVE-2007-2353 | Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-0227 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache ... | bookworm, bullseye, buster, sid, trixie | |
| bash | CVE-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash th ... | buster |
| TEMP-0841856-B18BAF | Privilege escalation possible to other user than root | bookworm, bullseye, buster, sid, trixie | |
| bash-completion | CVE-2018-7738 | In util-linux before 2.32-rc1, bash-completion/umount allows local use ... | bookworm, bullseye, buster, sid, trixie |
| bibutils | CVE-2018-10773 | NULL pointer deference in the addsn function in serialno.c in libbibco ... | buster |
| CVE-2018-10774 | Read access violation in the isiin_keyword function in isiin.c in libb ... | buster | |
| CVE-2018-10775 | NULL pointer dereference in the _fields_add function in fields.c in li ... | buster | |
| binaryen | CVE-2019-15758 | An issue was discovered in Binaryen 1.38.32. Missing validation rules ... | buster |
| CVE-2019-15759 | An issue was discovered in Binaryen 1.38.32. Two visitors in ir/Expres ... | buster | |
| CVE-2021-45290 | A Denial of Service vulnerability exits in Binaryen 103 due to an asse ... | bullseye, buster | |
| CVE-2021-45293 | A Denial of Service vulnerability exists in Binaryen 103 due to an Inv ... | bullseye, buster | |
| CVE-2021-46048 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46050 | A Stack Overflow vulnerability exists in Binaryen 103 via the printf_c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46052 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46053 | A Denial of Service vulnerability exists in Binaryen 103. The program ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46054 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46055 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, buster, sid, trixie | |
| binutils | CVE-2017-13716 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-9138 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | buster | |
| CVE-2018-9996 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000 ... | buster | |
| CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in G ... | buster | |
| CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause ... | buster | |
| CVE-2018-12934 | remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU ... | buster | |
| CVE-2018-17358 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-17359 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-17360 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-17794 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | buster | |
| CVE-2018-17985 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster | |
| CVE-2018-18309 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-18483 | The get_count function in cplus-dem.c in GNU libiberty, as distributed ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18484 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster | |
| CVE-2018-18605 | A heap-based buffer over-read issue was discovered in the function sec ... | buster | |
| CVE-2018-18606 | An issue was discovered in the merge_strings function in merge.c in th ... | buster | |
| CVE-2018-18607 | An issue was discovered in elf_link_input_bfd in elflink.c in the Bina ... | buster | |
| CVE-2018-18700 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster | |
| CVE-2018-18701 | An issue was discovered in cp-demangle.c in GNU libiberty, as distribu ... | buster | |
| CVE-2018-19931 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-19932 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2018-20002 | The _bfd_generic_read_minisymbols function in syms.c in the Binary Fil ... | buster | |
| CVE-2018-20623 | In GNU Binutils 2.31.1, there is a use-after-free in the error functio ... | buster | |
| CVE-2018-20651 | A NULL pointer dereference was discovered in elf_link_add_object_symbo ... | buster | |
| CVE-2018-20671 | load_specific_debug_section in objdump.c in GNU Binutils through 2.31. ... | buster | |
| CVE-2018-20673 | The demangle_template function in cplus-dem.c in GNU libiberty, as dis ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-20712 | A heap-based buffer over-read exists in the function d_expression_1 in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-1000876 | binutils version 2.32 and earlier contains a Integer Overflow vulnerab ... | buster | |
| CVE-2019-9070 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster | |
| CVE-2019-9071 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster | |
| CVE-2019-9073 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2019-9074 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2019-9075 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2019-9077 | An issue was discovered in GNU Binutils 2.32. It is a heap-based buffe ... | buster | |
| CVE-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2019-14250 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | buster | |
| CVE-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an intege ... | buster | |
| CVE-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) ... | buster | |
| CVE-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | buster | |
| CVE-2019-1010180 | GNU gdb All versions is affected by: Buffer Overflow - Out of bound me ... | buster | |
| CVE-2019-1010204 | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is aff ... | bullseye, buster | |
| CVE-2020-16590 | A double free vulnerability exists in the Binary File Descriptor (BFD) ... | buster | |
| CVE-2020-16591 | A Denial of Service vulnerability exists in the Binary File Descriptor ... | buster | |
| CVE-2020-16592 | A use after free issue exists in the Binary File Descriptor (BFD) libr ... | buster | |
| CVE-2020-16593 | A Null Pointer Dereference vulnerability exists in the Binary File Des ... | buster | |
| CVE-2020-16599 | A Null Pointer Dereference vulnerability exists in the Binary File Des ... | buster | |
| CVE-2020-19724 | A memory consumption issue in get_data function in binutils/nm.c in GN ... | buster | |
| CVE-2020-19726 | An issue was discovered in binutils libbfd.c 2.36 relating to the auxi ... | bullseye, buster | |
| CVE-2020-21490 | An issue was discovered in GNU Binutils 2.34. It is a memory leak when ... | buster | |
| CVE-2020-35342 | GNU Binutils before 2.34 has an uninitialized-heap vulnerability in fu ... | buster | |
| CVE-2020-35448 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | bullseye, buster | |
| CVE-2020-35493 | A flaw exists in binutils in bfd/pef.c. An attacker who is able to sub ... | buster | |
| CVE-2020-35494 | There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is ab ... | buster | |
| CVE-2020-35495 | There's a flaw in binutils /bfd/pef.c. An attacker who is able to subm ... | buster | |
| CVE-2020-35496 | There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutil ... | buster | |
| CVE-2020-35507 | There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutil ... | buster | |
| CVE-2021-3530 | A flaw was discovered in GNU libiberty within demangle_path() in rust- ... | bullseye, buster | |
| CVE-2021-3549 | An out of bounds flaw was found in GNU binutils objdump utility versio ... | bullseye, buster | |
| CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c ... | bullseye, buster | |
| CVE-2021-20197 | There is an open race window when writing output in the following util ... | bullseye, buster | |
| CVE-2021-20284 | A flaw was found in GNU Binutils 2.35.1, where there is a heap-based b ... | bullseye, buster | |
| CVE-2021-20294 | A flaw was found in binutils readelf 2.35 program. An attacker who is ... | buster | |
| CVE-2021-32256 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows ... | bullseye, buster | |
| CVE-2021-46174 | Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump ... | bullseye, buster | |
| CVE-2021-46195 | GCC v12.0 was discovered to contain an uncontrolled recursion via the ... | bullseye, buster | |
| CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsi ... | bullseye, buster | |
| CVE-2022-35205 | An issue was discovered in Binutils readelf 2.38.50, reachable asserti ... | bullseye, buster | |
| CVE-2022-35206 | Null pointer dereference vulnerability in Binutils readelf 2.38.50 via ... | bullseye, buster | |
| CVE-2022-38533 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the er ... | bullseye, buster | |
| CVE-2022-44840 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via ... | bullseye, buster | |
| CVE-2022-45703 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via ... | bullseye, buster | |
| CVE-2022-47007 | An issue was discovered function stab_demangle_v3_arg in stabs.c in Bi ... | bullseye, buster | |
| CVE-2022-47008 | An issue was discovered function make_tempdir, and make_tempname in bu ... | bullseye, buster | |
| CVE-2022-47010 | An issue was discovered function pr_function_type in prdbg.c in Binuti ... | bullseye, buster | |
| CVE-2022-47011 | An issue was discovered function parse_stab_struct_fields in stabs.c i ... | bullseye, buster | |
| CVE-2022-47673 | An issue was discovered in Binutils addr2line before 2.39.3, function ... | bullseye, buster | |
| CVE-2022-47695 | An issue was discovered Binutils objdump before 2.39.3 allows attacker ... | bullseye, buster | |
| CVE-2022-47696 | An issue was discovered Binutils objdump before 2.39.3 allows attacker ... | bullseye, buster | |
| CVE-2022-48063 | GNU Binutils before 2.40 was discovered to contain an excessive memory ... | bullseye, buster | |
| CVE-2022-48064 | GNU Binutils before 2.40 was discovered to contain an excessive memory ... | bullseye, buster | |
| CVE-2022-48065 | GNU Binutils before 2.40 was discovered to contain a memory leak vulne ... | bullseye, buster | |
| CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | bullseye, buster | |
| CVE-2023-1972 | A potential heap based buffer overflow was found in _bfd_elf_slurp_ver ... | bookworm, bullseye, buster | |
| CVE-2023-25584 | An out-of-bounds read flaw was found in the parse_module function in b ... | bullseye, buster | |
| CVE-2023-25585 | A flaw was found in Binutils. The use of an uninitialized field in the ... | bullseye, buster | |
| CVE-2023-25586 | A flaw was found in Binutils. A logic fail in the bfd_init_section_dec ... | bullseye, buster | |
| CVE-2023-25588 | A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct i ... | bullseye, buster | |
| binwalk | CVE-2021-4287 | A vulnerability, which was classified as problematic, was found in ReF ... | bullseye, buster |
| bison | CVE-2020-14150 | GNU Bison before 3.5.4 allows attackers to cause a denial of service ( ... | buster |
| blender | CVE-2005-3151 | Buffer overflow in blenderplay in Blender Player 2.37a allows attacker ... | bookworm, bullseye, buster, sid |
| CVE-2009-3850 | Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execut ... | bookworm, bullseye, buster, sid | |
| CVE-2010-5105 | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ea ... | bookworm, bullseye, buster, sid | |
| CVE-2022-2832 | A flaw was found in Blender 3.3.0. A null pointer dereference exists i ... | bookworm, bullseye, buster, sid | |
| CVE-2022-2833 | Endless Infinite loop in Blender-thumnailing due to logical bugs. | bullseye, buster | |
| bluez | CVE-2016-9797 | In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2016-9798 | In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9799 | In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9800 | In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9801 | In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9802 | In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9803 | In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9804 | In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9917 | In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9918 | In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ... | bookworm, bullseye, buster, sid, trixie | |
| bochs | CVE-2007-2894 | The emulated floppy disk controller in Bochs 2.3 allows local users of ... | bookworm, bullseye, buster, sid, trixie |
| brandy | CVE-2019-14662 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in f ... | bullseye, buster |
| CVE-2019-14663 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ... | bullseye, buster | |
| CVE-2019-14665 | Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ... | bullseye, buster | |
| CVE-2020-27372 | A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ... | bookworm, bullseye, buster, sid, trixie | |
| budgie-extras | CVE-2023-49347 | Temporary data passed between application components by Budgie Extras ... | bookworm, bullseye, buster |
| busybox | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-42373 | A NULL pointer dereference in Busybox's man applet leads to denial of ... | bullseye, buster | |
| CVE-2021-42374 | An out-of-bounds heap read in Busybox's unlzma applet leads to informa ... | bullseye, buster | |
| CVE-2021-42375 | An incorrect handling of a special element in Busybox's ash applet lea ... | bullseye, buster | |
| CVE-2021-42376 | A NULL pointer dereference in Busybox's hush applet leads to denial of ... | bullseye, buster | |
| CVE-2022-30065 | A use-after-free in Busybox 1.35-x's awk applet leads to denial of ser ... | bookworm, bullseye, buster | |
| bwa | CVE-2019-11371 | BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ... | bookworm, bullseye, buster, sid, trixie |
| bwm-ng | CVE-2022-1341 | An issue was discovered in in bwm-ng v0.6.2. An arbitrary null write e ... | buster |
| byobu | CVE-2019-7306 | Byobu Apport hook may disclose sensitive information since it automati ... | bookworm, bullseye, buster, sid, trixie |
| byzanz | CVE-2015-2785 | The GIF encoder in Byzanz allows remote attackers to cause a denial of ... | bookworm, bullseye, buster, sid, trixie |
| bzip3 | CVE-2023-29417 | An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_d ... | bookworm, sid, trixie |
| c-ares | CVE-2023-31124 | c-ares is an asynchronous resolver library. When cross-compiling c-are ... | bookworm, bullseye, buster |
| CVE-2023-31147 | c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ... | bookworm, bullseye, buster | |
| cacti | CVE-2020-7058 | data_input.php in Cacti 1.2.8 allows remote code execution via a craft ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-48538 | In Cacti 1.2.19, there is an authentication bypass in the web login fu ... | bullseye, buster | |
| cadaver | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, trixie | |
| calamares | CVE-2019-13178 | modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2. ... | buster |
| catdoc | CVE-2018-20451 | The process_file function in reader.c in libdoc through 2017-10-23 has ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-20453 | The getlong function in numutils.c in libdoc through 2017-10-23 has a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-7156 | In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-7233 | In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31979 | Catdoc v0.95 was discovered to contain a global buffer overflow via th ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-41633 | Catdoc v0.95 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-46345 | Catdoc v0.95 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, buster, sid, trixie | |
| cflow | CVE-2019-16165 | GNU cflow through 1.6 has a use-after-free in the reference function i ... | bullseye, buster |
| CVE-2019-16166 | GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ... | bullseye, buster | |
| CVE-2020-23856 | Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ... | bullseye, buster | |
| CVE-2023-2789 | A vulnerability was found in GNU cflow 1.7. It has been rated as probl ... | bookworm, bullseye, buster, sid, trixie | |
| chafa | CVE-2022-1507 | chafa: NULL Pointer Dereference in function gif_internal_decode_frame ... | bullseye, buster |
| CVE-2022-2061 | Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior ... | bullseye, buster | |
| CVE-2022-2301 | Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. | bullseye, buster | |
| checkinstall | CVE-2020-25031 | checkinstall 1.6.2, when used to create a package that contains a syml ... | bookworm, bullseye, sid, trixie |
| cifs-utils | CVE-2014-2830 | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ... | bookworm, bullseye, buster, sid, trixie |
| cimg | CVE-2018-7587 | An issue was discovered in CImg v.220. DoS occurs when loading a craft ... | bookworm, bullseye, buster, sid, trixie |
| civetweb | CVE-2020-27304 | The CivetWeb web library does not validate uploaded filepaths when run ... | bullseye |
| cjson | CVE-2023-50472 | cJSON v1.7.16 was discovered to contain a segmentation violation via t ... | bookworm, bullseye |
| ckeditor | CVE-2023-4771 | A Cross-Site scripting vulnerability has been found in CKSource CKEdit ... | bookworm, bullseye, buster, sid, trixie |
| clementine | CVE-2018-14332 | An issue was discovered in Clementine Music Player 1.3.1. Clementine.e ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-40826 | Clementine Music Player through 1.3.1 is vulnerable to a User Mode Wri ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-40827 | Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) ... | bookworm, bullseye, buster, sid, trixie | |
| coin3 | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, trixie | |
| colord | CVE-2021-42523 | There are two Information Disclosure vulnerabilities in colord, and th ... | bullseye, buster |
| confuse | CVE-2018-19760 | cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. | buster |
| context | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, trixie |
| coreboot | CVE-2022-29264 | An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitra ... | bookworm, sid, trixie |
| coreutils | CVE-2017-18018 | In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does no ... | bookworm, bullseye, buster, sid, trixie |
| courier | CVE-2004-2313 | Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ... | bookworm, bullseye, buster, sid |
| CVE-2005-1308 | SqWebMail allows remote attackers to inject arbitrary web script or HT ... | bookworm, bullseye, buster, sid | |
| cppcheck | CVE-2023-39070 | An issue in Cppcheck 2.12 dev allows a local attacker to execute arbit ... | bookworm, bullseye, buster, sid, trixie |
| crasm | CVE-2023-23108 | In crasm 1.8-3, invalid input validation, specific files passed to the ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-23109 | In crasm 1.8-3, invalid input validation, specific files passed to the ... | bookworm, bullseye, buster, sid, trixie | |
| ctn | CVE-2008-5146 | add-accession-numbers in ctn 3.0.6 allows local users to overwrite arb ... | bookworm, bullseye, buster, sid, trixie |
| cups | CVE-2014-8166 | The browsing feature in the server in CUPS does not filter ANSI escape ... | bookworm, bullseye, buster, sid, trixie |
| curl | CVE-2020-19909 | Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a ... | buster |
| CVE-2021-22922 | When curl is instructed to download content using the metalink feature ... | bullseye, buster | |
| CVE-2021-22923 | When curl is instructed to get content using the metalink feature, and ... | bullseye, buster | |
| CVE-2023-28320 | A denial of service vulnerability exists in curl <v8.1.0 in the way li ... | bullseye, buster | |
| CVE-2024-2379 | libcurl skips the certificate verification for a QUIC connection under ... | bookworm, bullseye, buster, trixie | |
| CVE-2024-2466 | libcurl did not check the server certificate of TLS connections done t ... | trixie | |
| dacs | CVE-2021-29629 | In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before ... | buster |
| db4o | CVE-2012-6550 | Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ... | bookworm, bullseye, buster |
| CVE-2013-1808 | Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ... | bookworm, bullseye, buster | |
| CVE-2014-1869 | Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.s ... | bookworm, bullseye, buster | |
| dcraw | CVE-2018-19565 | A buffer over-read in crop_masked_pixels in dcraw through 9.28 could b ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-19566 | A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-19567 | A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-19568 | A floating point exception in kodak_radc_load_raw in dcraw through 9.2 ... | bookworm, bullseye, buster, sid, trixie | |
| dia | CVE-2019-19451 | When GNOME Dia before 2019-11-27 is launched with a filename argument ... | bullseye, buster |
| dillo | TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, buster, sid, trixie |
| dlt-daemon | CVE-2021-29507 | GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interfa ... | bullseye, buster |
| dmg2img | CVE-2021-3548 | A flaw was found in dmg2img through 20170502. dmg2img did not validate ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-32614 | A flaw was found in dmg2img through 20170502. fill_mishblk() does not ... | bookworm, bullseye, buster, sid, trixie | |
| dnsmasq | CVE-2021-45951 | Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-45952 | Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45953 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45954 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45955 | Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45956 | Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45957 | Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ... | bookworm, bullseye, buster, sid, trixie | |
| dnspython | CVE-2008-1447 | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ... | bookworm, bullseye, buster, sid, trixie |
| dnstracer | CVE-2017-9430 | Stack-based buffer overflow in dnstracer through 1.9 allows attackers ... | bookworm, bullseye, buster, sid, trixie |
| dogtag-pki | CVE-2015-0234 | Multiple temporary file creation vulnerabilities in pki-core 10.2.0. | bullseye, sid |
| dokuwiki | CVE-2016-7965 | DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ... | bookworm, bullseye, buster, sid |
| dovecot | CVE-2008-4870 | dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ... | bookworm, bullseye, buster, sid |
| dpic | CVE-2021-32421 | dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() func ... | bullseye |
| CVE-2021-32422 | dpic 2021.01.01 has a Global buffer overflow in theyylex() function in ... | bullseye | |
| CVE-2021-33390 | dpic 2021.04.10 has a use-after-free in thedeletestringbox() function ... | bullseye | |
| dpkg-cross | CVE-2008-4950 | gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary ... | bookworm, bullseye, buster, sid, trixie |
| dropbear | CVE-2020-36254 | scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ... | buster |
| duo-unix | CVE-2020-12135 | bson before 0.8 incorrectly uses int rather than size_t for many varia ... | bookworm, bullseye, buster, sid, trixie |
| edk2 | CVE-2014-4859 | Integer overflow in the Drive Execution Environment (DXE) phase in the ... | buster |
| CVE-2014-4860 | Multiple integer overflows in the Pre-EFI Initialization (PEI) boot ph ... | buster | |
| CVE-2018-12179 | Improper configuration in system firmware for EDK II may allow unauthe ... | buster | |
| CVE-2018-12182 | Insufficient memory write check in SMM service for EDK II may allow an ... | buster | |
| CVE-2019-14553 | Improper authentication in EDK II may allow a privileged user to poten ... | buster | |
| CVE-2021-28213 | Example EDK2 encrypted private key in the IpSecDxe.efi present potenti ... | buster | |
| elfutils | CVE-2021-33294 | In elfutils 0.183, an infinite loop was found in the function handle_s ... | bullseye, buster |
| CVE-2024-25260 | elfutils v0.189 was discovered to contain a NULL pointer dereference v ... | bookworm, bullseye, buster, sid, trixie | |
| epiphany-browser | CVE-2007-1084 | Mozilla Firefox 2.0.0.1 and earlier does not prompt users before savin ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, buster, sid, trixie | |
| TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, buster, sid, trixie | |
| erlang | CVE-2009-0130 | lib/crypto/c_src/crypto_drv.c in erlang does not properly check the re ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2016-1000107 | inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ... | bookworm, bullseye, buster, sid, trixie | |
| etcd | CVE-2022-34038 | Etcd v3.5.4 allows remote attackers to cause a denial of service via f ... | bookworm, bullseye, buster, sid, trixie |
| evolution | CVE-2007-1266 | Evolution 2.8.1 and earlier does not properly use the --status-fd argu ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2011-3201 | GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2013-4166 | The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNO ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17689 | The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-3349 | GNOME Evolution through 3.38.3 produces a "Valid signature" message fo ... | bookworm, bullseye, buster, sid, trixie | |
| exif | CVE-2021-27815 | NULL Pointer Deference in the exif command line tool, when printing ou ... | bullseye, buster |
| exiv2 | CVE-2018-14338 | samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-18773 | An invalid memory access in the decode function in iptc.cpp of Exiv2 0 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-18774 | A float point exception in the printLong function in tags_int.cpp of E ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-18898 | A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ... | bookworm, bullseye, buster, sid, trixie | |
| expat | CVE-2013-0340 | expat 2.1.0 and earlier does not properly handle entities expansion un ... | bullseye, buster |
| CVE-2023-52426 | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DT ... | bookworm, bullseye, buster | |
| CVE-2024-28757 | libexpat through 2.6.1 allows an XML Entity Expansion attack when ther ... | bookworm, bullseye, buster | |
| faac | CVE-2018-19886 | An invalid memory address dereference was discovered in the huffcode f ... | buster |
| CVE-2018-19887 | An invalid memory address dereference was discovered in the huffcode f ... | buster | |
| CVE-2018-19888 | An invalid memory address dereference was discovered in the huffcode f ... | buster | |
| CVE-2018-19889 | An invalid memory address dereference was discovered in the huffcode f ... | buster | |
| CVE-2018-19890 | An invalid memory address dereference was discovered in the huffcode f ... | buster | |
| CVE-2018-19891 | An invalid memory address dereference was discovered in the huffcode f ... | buster | |
| faust | CVE-2021-32275 | An issue was discovered in faust through v2.30.5. A NULL pointer deref ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-37770 | faust commit ee39a19 was discovered to contain a stack overflow via th ... | bookworm, bullseye, buster, sid, trixie | |
| fdkaac | CVE-2022-36148 | fdkaac commit 53fe239 was discovered to contain a floating point excep ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-37781 | fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __i ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-34823 | fdkaac before 1.0.5 was discovered to contain a stack overflow in read ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-34824 | fdkaac before 1.0.5 was discovered to contain a heap buffer overflow i ... | bookworm, bullseye, buster, sid, trixie | |
| fetchmail | CVE-2021-36386 | report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits i ... | buster |
| ffmpeg | CVE-2020-20450 | FFmpeg 4.2 is affected by null pointer dereference passed as argument ... | buster |
| CVE-2020-20451 | Denial of Service issue in FFmpeg 4.2 due to resource management error ... | buster | |
| CVE-2020-20898 | Integer Overflow vulnerability in function filter16_prewitt in libavfi ... | buster | |
| CVE-2020-22038 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | bullseye, buster | |
| CVE-2020-22039 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22040 | A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memor ... | buster | |
| CVE-2020-22041 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22042 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22043 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22044 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22046 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22048 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22051 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2020-22056 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | buster | |
| CVE-2021-38090 | Integer Overflow vulnerability in function filter16_roberts in libavfi ... | buster | |
| CVE-2021-38091 | Integer Overflow vulnerability in function filter16_sobel in libavfilt ... | buster | |
| CVE-2021-38092 | Integer Overflow vulnerability in function filter_prewitt in libavfilt ... | buster | |
| CVE-2021-38093 | Integer Overflow vulnerability in function filter_robert in libavfilte ... | buster | |
| CVE-2021-38094 | Integer Overflow vulnerability in function filter_sobel in libavfilter ... | buster | |
| fig2dev | CVE-2020-21678 | A global buffer overflow in the genmp_writefontmacro_latex component i ... | buster |
| CVE-2020-21680 | A stack-based buffer overflow in the put_arrow() component in genpict2 ... | buster | |
| CVE-2020-21681 | A global buffer overflow in the set_color component in genge.c of fig2 ... | buster | |
| CVE-2020-21682 | A global buffer overflow in the set_fill component in genge.c of fig2d ... | buster | |
| CVE-2020-21683 | A global buffer overflow in the shade_or_tint_name_after_declare_color ... | buster | |
| CVE-2020-21684 | A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ... | buster | |
| firefox | CVE-2004-1639 | Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ... | sid |
| CVE-2005-2395 | Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ... | sid | |
| CVE-2005-4685 | Firefox and Mozilla can associate a cookie with multiple domains when ... | sid | |
| CVE-2019-12383 | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... | sid | |
| CVE-2023-5217 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ... | sid | |
| firefox-esr | CVE-2019-12383 | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-5217 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ... | bookworm, sid, trixie | |
| firehol | CVE-2008-4953 | firehol in firehol 1.256 allows local users to overwrite arbitrary fil ... | bookworm, bullseye, buster, sid, trixie |
| flask-caching | CVE-2021-33026 | The Flask-Caching extension through 1.10.1 for Flask relies on Pickle ... | bookworm, bullseye, sid, trixie |
| flex | CVE-2019-6293 | An issue was discovered in the function mark_beginning_as_normal in nf ... | bookworm, bullseye, buster, sid, trixie |
| flintqs | CVE-2023-29465 | SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world ... | bookworm, bullseye, buster, sid, trixie |
| flvmeta | CVE-2023-36243 | FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml ... | bookworm, bullseye, buster, sid, trixie |
| fontforge | CVE-2017-11570 | FontForge 20161012 is vulnerable to a buffer over-read in umodenc (par ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-11573 | FontForge 20161012 is vulnerable to a buffer over-read in ValidatePost ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17521 | uiutil.c in FontForge through 20170731 does not validate strings befor ... | bookworm, bullseye, buster, sid, trixie | |
| foomatic-filters | CVE-2011-2923 | foomatic-rip filter, all versions, used insecurely creates temporary f ... | bookworm, bullseye, buster, sid, trixie |
| TEMP-0000000-ACBC4C | buffer overflows in init_cups | bookworm, bullseye, buster, sid, trixie | |
| freeipa | CVE-2015-5179 | FreeIPA might display user data improperly via vectors involving non-p ... | bookworm, buster, sid, trixie |
| CVE-2017-12169 | It was found that FreeIPA 4.2.0 and later could disclose password hash ... | bookworm, buster, sid, trixie | |
| CVE-2019-14826 | A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies ... | bookworm, buster, sid, trixie | |
| CVE-2023-5455 | A Cross-site request forgery vulnerability exists in ipa/session/login ... | bookworm, buster, sid, trixie | |
| CVE-2024-1271 | privileges escalation from root to domain admin | bookworm, buster, sid, trixie | |
| freeradius | CVE-2007-0080 | Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-10143 | It was discovered freeradius up to and including version 3.0.19 does n ... | bookworm, bullseye, buster, sid, trixie | |
| freetype | CVE-2022-31782 | ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... | bullseye, buster |
| frr | CVE-2020-12831 | An issue was discovered in FRRouting FRR (aka Free Range Routing) thro ... | bookworm, bullseye, buster, sid |
| ganglia-web | CVE-2015-6816 | ganglia-web before 3.7.1 allows remote attackers to bypass authenticat ... | buster |
| CVE-2019-20378 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20379 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, buster, sid, trixie | |
| gcc-12 | CVE-2022-27943 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in ... | bookworm, sid, trixie |
| gcc-mingw-w64 | CVE-2016-4973 | Binaries compiled against targets that use the libssp library in GCC f ... | bookworm, bullseye, buster, sid, trixie |
| gdal | CVE-2019-17546 | tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0. ... | buster |
| gdb | CVE-2014-8501 | The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutil ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-9778 | GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length f ... | buster | |
| CVE-2023-39128 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack o ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-39129 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap us ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-39130 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap bu ... | bookworm, bullseye, buster, sid, trixie | |
| gedit | CVE-2017-14108 | libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ca ... | bookworm, bullseye, buster, sid, trixie |
| geomview | CVE-2017-17530 | common/help.c in Geomview 1.9.5 does not validate strings before launc ... | bookworm, bullseye, buster, sid, trixie |
| gerbv | CVE-2021-40400 | An out-of-bounds read vulnerability exists in the RS-274X aperture mac ... | bullseye, buster |
| CVE-2021-40402 | An out-of-bounds read vulnerability exists in the RS-274X aperture mac ... | bookworm, bullseye, buster, sid, trixie | |
| ghostscript | CVE-2022-1350 | A vulnerability classified as problematic was found in GhostPCL 9.55.0 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-38560 | An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_ ... | bookworm, bullseye, buster | |
| ghostwriter | CVE-2022-39209 | cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ... | bullseye, buster |
| giac | CVE-2017-17526 | Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings be ... | bookworm, bullseye, buster, sid |
| gif2apng | CVE-2021-45907 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye, buster |
| CVE-2021-45908 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye, buster | |
| giflib | CVE-2020-23922 | An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif ... | bookworm, bullseye, buster |
| CVE-2021-40633 | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5 ... | bookworm, bullseye, buster | |
| CVE-2022-28506 | There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RG ... | bookworm, bullseye, buster | |
| CVE-2023-39742 | giflib v5.2.1 was discovered to contain a segmentation fault via the c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-48161 | Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows ... | bookworm, bullseye, buster | |
| gifsicle | CVE-2020-19752 | The find_color_or_error function in gifsicle 1.92 contains a NULL poin ... | bullseye, buster |
| CVE-2023-36193 | Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via t ... | bookworm, bullseye, buster | |
| CVE-2023-44821 | Gifsicle through 1.94, if deployed in a way that allows untrusted inpu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-46009 | gifsicle-1.94 was found to have a floating point exception (FPE) vulne ... | bookworm, bullseye, buster, sid, trixie | |
| giftrans | CVE-2021-45972 | The giftrans function in giftrans 1.12.2 contains a stack-based buffer ... | bookworm, bullseye, buster, sid, trixie |
| gimp | CVE-2012-4245 | The scriptfu network server in GIMP 2.6 does not require authenticatio ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-12713 | GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary f ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-30067 | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a ... | bullseye | |
| CVE-2022-32990 | An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allow ... | bullseye, buster | |
| git | CVE-2018-1000021 | GIT version 2.15.1 and earlier contains a Input Validation Error vulne ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-24975 | The --mirror documentation for Git through 2.35.1 does not mention the ... | bookworm, bullseye, buster, sid, trixie | |
| gjots2 | CVE-2017-17535 | lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ... | buster |
| glance | CVE-2013-4354 | The API before 2.1 in OpenStack Image Registry and Delivery Service (G ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2015-8234 | The image signature algorithm in OpenStack Glance 11.0.0 allows remote ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-4383 | The glance-manage db in all versions of HPE Helion Openstack Glance al ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-8611 | A vulnerability was found in Openstack Glance. No limits are enforced ... | bookworm, bullseye, buster, sid, trixie | |
| glib2.0 | CVE-2012-0039 | GLib 2.31.8 and earlier, when the g_str_hash function is used, compute ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-35457 | GNOME GLib before 2.65.3 has an integer overflow, that might lead to a ... | buster | |
| glibc | CVE-2010-4756 | The glob implementation in the GNU C Library (aka glibc or libc6) allo ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-9192 | In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-1010022 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-1010023 | GNU Libc current is affected by: Re-mapping current loaded library wit ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-1010024 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-1010025 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, buster, sid, trixie | |
| gnome-font-viewer | CVE-2019-19308 | In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, ... | buster |
| gnome-keyring | CVE-2018-19358 | GNOME Keyring through 3.28.2 allows local users to retrieve login cred ... | bookworm, bullseye, buster, sid, trixie |
| gnome-remote-desktop | CVE-2022-1736 | bullseye, buster | |
| gnome-shell | CVE-2012-4427 | The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force ... | buster |
| gnome-sushi | CVE-2019-19308 | In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, ... | buster |
| gnuchess | CVE-2019-15767 | In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_ ... | buster |
| gnumail | CVE-2007-1269 | GNUMail 1.1.2 and earlier does not properly use the --status-fd argume ... | bookworm, bullseye, buster, sid, trixie |
| gnupg1 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-14855 | A flaw was found in the way certificate signatures could be forged usi ... | bookworm, bullseye, buster, sid, trixie | |
| gnupg2 | CVE-2022-3219 | GnuPG can be made to spin on a relatively small input by (for example) ... | bookworm, bullseye, buster, sid, trixie |
| gnuplot | CVE-2018-19490 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue all ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-19491 | An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allow ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-19492 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-25412 | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-25559 | gnuplot 5.5 is affected by double free when executing print_set_output ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-25969 | gnuplot v5.5 was discovered to contain a buffer overflow via the funct ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-44917 | A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d ... | buster | |
| gnutls28 | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, buster, sid, trixie |
| gocr | CVE-2021-33479 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, buster, sid |
| CVE-2021-33480 | An use-after-free vulnerability was discovered in gocr through 0.53-20 ... | bookworm, bullseye, buster, sid | |
| CVE-2021-33481 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, buster, sid | |
| golang-1.11 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | buster |
| CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | buster | |
| CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | buster | |
| CVE-2022-41716 | Due to unsanitized NUL values, attackers may be able to maliciously se ... | buster | |
| CVE-2022-41720 | On Windows, restricted files can be accessed via os.DirFS and http.Dir ... | buster | |
| CVE-2022-41722 | A path traversal vulnerability exists in filepath.Clean on Windows. On ... | buster | |
| CVE-2023-45283 | The filepath package does not recognize paths with a \??\ prefix as sp ... | buster | |
| CVE-2023-45284 | On Windows, The IsLocal function does not correctly detect reserved de ... | buster | |
| golang-1.15 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye |
| CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | bullseye | |
| CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye | |
| CVE-2022-41716 | Due to unsanitized NUL values, attackers may be able to maliciously se ... | bullseye | |
| CVE-2022-41720 | On Windows, restricted files can be accessed via os.DirFS and http.Dir ... | bullseye | |
| CVE-2022-41722 | A path traversal vulnerability exists in filepath.Clean on Windows. On ... | bullseye | |
| CVE-2023-45283 | The filepath package does not recognize paths with a \??\ prefix as sp ... | bullseye | |
| CVE-2023-45284 | On Windows, The IsLocal function does not correctly detect reserved de ... | bullseye | |
| golang-1.19 | CVE-2023-45283 | The filepath package does not recognize paths with a \??\ prefix as sp ... | bookworm |
| CVE-2023-45284 | On Windows, The IsLocal function does not correctly detect reserved de ... | bookworm | |
| golang-github-blevesearch-bleve | CVE-2022-31022 | Bleve is a text indexing library for go. Bleve includes HTTP utilities ... | bullseye, buster |
| golang-github-containers-buildah | CVE-2022-4122 | A vulnerability was found in buildah. Incorrect following of symlinks ... | bookworm, bullseye, sid, trixie |
| CVE-2022-4123 | A flaw was found in Buildah. The local path and the lowest subdirector ... | bookworm, bullseye, sid, trixie | |
| google-perftools | CVE-2018-13420 | Google gperftools 2.7 has a memory leak in malloc_extension.cc, relate ... | bookworm, bullseye, buster, sid, trixie |
| gpac | CVE-2020-22673 | Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows ... | buster |
| CVE-2020-22679 | Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 a ... | buster | |
| CVE-2021-31256 | Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0. ... | buster | |
| CVE-2021-31261 | The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to rea ... | buster | |
| CVE-2021-33361 | Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allo ... | sid | |
| CVE-2021-33363 | Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allo ... | sid | |
| CVE-2021-33364 | Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 ... | sid | |
| CVE-2021-33365 | Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0. ... | buster, sid | |
| CVE-2021-33366 | Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC ... | sid | |
| CVE-2022-3957 | A vulnerability classified as problematic was found in GPAC. Affected ... | buster, sid | |
| CVE-2022-43254 | GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a mem ... | bullseye, buster, sid | |
| CVE-2022-43255 | GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a mem ... | buster, sid | |
| gpp | CVE-2018-17076 | GPP through 2.25 will try to use more memory space than is available o ... | buster |
| gpw | CVE-2011-4931 | gpw generates shorter passwords than required | bookworm, bullseye, buster, sid, trixie |
| graphicsmagick | CVE-2017-13736 | There are lots of memory leaks in the GMCommand function in magick/com ... | bookworm, bullseye, buster, sid, trixie |
| graphviz | CVE-2019-11023 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-46045 | Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read vi ... | bookworm, bullseye, buster | |
| grub | CVE-2008-3896 | Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-4949 | An attacker with local access to a system (either through a disk or ex ... | bookworm, bullseye, buster, sid, trixie | |
| gsoap | CVE-2021-21783 | A code execution vulnerability exists in the WS-Addressing plugin func ... | bookworm, bullseye, buster, sid, trixie |
| gssproxy | CVE-2020-12658 | gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex befor ... | bookworm, bullseye, buster, sid, trixie |
| gthumb | CVE-2020-36427 | GNOME gThumb before 3.10.1 allows an application crash via a malformed ... | buster |
| h2database | CVE-2022-45868 | The web-based admin console in H2 Database Engine before 2.2.220 can b ... | bookworm, bullseye, buster, sid, trixie |
| hamster-time-tracker | CVE-2023-36250 | CSV Injection vulnerability in GNOME time tracker version 3.0.2, allow ... | bookworm, bullseye, sid, trixie |
| haskell-tls | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, buster, sid, trixie |
| hdf5 | CVE-2017-17507 | In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-13869 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a mem ... | bullseye, buster | |
| CVE-2018-13870 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster | |
| CVE-2018-14031 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14033 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster | |
| CVE-2018-14034 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14035 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14460 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye, buster | |
| CVE-2018-15671 | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-16438 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-17432 | A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ... | bullseye, buster | |
| CVE-2018-17433 | A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-17435 | A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ... | bullseye, buster | |
| CVE-2018-17436 | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-17438 | A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ... | buster | |
| CVE-2018-17439 | An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-8397 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-9151 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-9152 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bullseye, buster | |
| CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bullseye, buster | |
| CVE-2020-10812 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-18232 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-18494 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-37501 | Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45829 | HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45830 | A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45832 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45833 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 vi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46242 | HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46243 | An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1- ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-46244 | A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the functi ... | bookworm, bullseye, buster, sid, trixie | |
| hex-a-hop | TEMP-0528250-2E3658 | hex-a-hop: buffer overflow in loading save games | bookworm, bullseye, buster, sid, trixie |
| hiredis | CVE-2021-32765 | Hiredis is a minimalistic C client library for the Redis database. In ... | bullseye, buster |
| horizon-eda | CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ... | bookworm, bullseye, buster, sid, trixie |
| htmldoc | CVE-2021-33235 | Buffer overflow vulnerability in write_node in htmldoc through 1.9.11 ... | bullseye, buster |
| CVE-2021-33236 | Buffer Overflow vulnerability in write_header in htmldoc through 1.9.1 ... | bullseye, buster | |
| CVE-2021-34119 | A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ... | bullseye, buster | |
| CVE-2021-34121 | An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function par ... | bullseye, buster | |
| CVE-2022-0137 | A heap buffer overflow in image_set_mask function of HTMLDOC before 1. ... | bullseye, buster | |
| CVE-2022-34033 | HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_h ... | bullseye, buster | |
| CVE-2022-34035 | HTMLDoc v1.9.12 and below was discovered to contain a heap overflow vi ... | bullseye, buster | |
| htslib | CVE-2018-14329 | In HTSlib 1.8, a race condition in cram/cram_io.c might allow local us ... | bookworm, bullseye, buster, sid, trixie |
| httpie | CVE-2023-48052 | Missing SSL certificate validation in HTTPie v3.2.2 allows attackers t ... | bookworm, sid, trixie |
| hugin | CVE-2024-25442 | An issue in the HuginBase::PanoramaMemento::loadPTScript function of H ... | bookworm, bullseye, buster |
| CVE-2024-25443 | An issue in the HuginBase::ImageVariable<double>::linkWith function of ... | bookworm, bullseye, buster | |
| CVE-2024-25445 | Improper handling of values in HuginBase::PTools::Transform::transform ... | bookworm, bullseye, buster | |
| CVE-2024-25446 | An issue in the HuginBase::PTools::setDestImage function of Hugin v202 ... | bookworm, bullseye, buster | |
| hugo | CVE-2020-26284 | Hugo is a fast and Flexible Static Site Generator built in Go. Hugo de ... | buster |
| hunspell | CVE-2019-16707 | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommon ... | buster |
| icecast2 | CVE-2005-0837 | IceCast 2.20 allows remote attackers to bypass the XSL parser and obta ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2005-0838 | Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ... | bookworm, bullseye, buster, sid, trixie | |
| icedtea-web | CVE-2015-5236 | It was discovered that the IcedTea-Web used codebase attribute of the ... | bookworm, bullseye, buster, sid, trixie |
| imagemagick | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2008-3134 | Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 al ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-8678 | The IsPixelMonochrome function in MagickCore/pixel-accessor.h in Image ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-7275 | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allow ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-11754 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-11755 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-15607 | In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-13310 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ... | buster | |
| CVE-2019-16709 | ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrate ... | buster | |
| CVE-2020-27753 | There are several memory leaks in the MIFF coder in /coders/miff.c due ... | buster | |
| CVE-2020-27755 | in SetImageExtent() of /MagickCore/image.c, an incorrect image depth s ... | buster | |
| CVE-2021-20311 | A flaw was found in ImageMagick in versions before 7.0.11, where a div ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-34152 | A vulnerability was found in ImageMagick. This security flaw cause a r ... | bookworm, bullseye, buster, sid, trixie | |
| indent | CVE-2024-0911 | A flaw was found in indent, a program for formatting C code. This issu ... | bullseye, buster |
| influxdb | CVE-2022-36640 | influxData influxDB before v1.8.10 contains no authentication mechanis ... | bookworm, bullseye, buster, sid, trixie |
| iniparser | CVE-2023-33461 | iniparser v4.1 is vulnerable to NULL Pointer Dereference in function i ... | bookworm, bullseye, buster |
| initramfs-tools | CVE-2008-4996 | init in initramfs-tools 0.92f allows local users to overwrite arbitrar ... | bookworm, bullseye, buster, sid, trixie |
| inkscape | CVE-2021-42700 | Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow ... | buster |
| CVE-2021-42702 | Inkscape version 0.91 can access an uninitialized pointer, which may a ... | buster | |
| CVE-2021-42704 | Inkscape version 0.91 is vulnerable to an out-of-bounds write, which m ... | buster | |
| ioquake3 | CVE-2019-1010043 | Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Poss ... | bookworm, bullseye, buster, sid, trixie |
| iotjs | CVE-2020-29657 | In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unh ... | bullseye, buster |
| ippsample | CVE-2023-24808 | PDFio is a C library for reading and writing PDF files. In versions pr ... | bookworm, sid |
| iptables | CVE-2012-2663 | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP S ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-11360 | A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allo ... | buster | |
| isakmpd | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | buster |
| jackrabbit | CVE-2023-37895 | Java object deserialization issue in Jackrabbit webapp/standalone on a ... | bookworm, bullseye, buster |
| jakarta-el-api | CVE-2021-28170 | In the Jakarta Expression Language implementation 3.0.3 and earlier, a ... | bookworm, bullseye, sid, trixie |
| janino | CVE-2023-33546 | Janino 3.1.9 and earlier are subject to denial of service (DOS) attack ... | bookworm, bullseye, buster, sid, trixie |
| jansson | CVE-2020-36325 | An issue was discovered in Jansson through 2.13.1. Due to a parsing er ... | bookworm, bullseye, buster, sid, trixie |
| janus | CVE-2021-4124 | janus-gateway is vulnerable to Improper Neutralization of Input During ... | bookworm, sid, trixie |
| jbigkit | CVE-2017-9937 | In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A cr ... | bookworm, bullseye, buster, sid, trixie |
| jhead | CVE-2019-19035 | jhead 3.03 is affected by: heap-based buffer over-read. The impact is: ... | buster |
| CVE-2019-1010301 | jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of s ... | buster | |
| CVE-2019-1010302 | jhead 3.03 is affected by: Incorrect Access Control. The impact is: De ... | buster | |
| CVE-2020-6624 | jhead through 3.04 has a heap-based buffer over-read in process_DQT in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-6625 | jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-26208 | JHEAD is a simple command line tool for displaying and some manipulati ... | buster | |
| CVE-2020-28840 | Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead ve ... | bullseye, buster | |
| CVE-2021-3496 | A heap-based buffer overflow was found in jhead in version 3.06 in Get ... | buster | |
| CVE-2021-28275 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to ... | bullseye, buster | |
| CVE-2021-28276 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a ... | bullseye, buster | |
| CVE-2021-28277 | A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.0 ... | bullseye, buster | |
| CVE-2021-28278 | A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3. ... | bullseye, buster | |
| CVE-2024-2824 | A vulnerability was found in Matthias-Wandel jhead 3.08 and classified ... | bookworm, bullseye, buster, sid, trixie | |
| jinja2 | CVE-2019-8341 | An issue was discovered in Jinja2 2.10. The from_string function is pr ... | bookworm, bullseye, buster, sid, trixie |
| jpeg-xl | CVE-2021-36691 | libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ... | bookworm, sid, trixie |
| jpegoptim | CVE-2022-32325 | JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation wh ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-27781 | jpegoptim v1.5.2 was discovered to contain a heap overflow in the opti ... | bookworm, bullseye, buster, sid, trixie | |
| jquery | CVE-2007-2379 | The jQuery framework exchanges data using JavaScript Object Notation ( ... | buster |
| CVE-2018-18405 | jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG ele ... | buster | |
| jquery-goodies | CVE-2022-23395 | jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead ... | bookworm, bullseye, buster, sid, trixie |
| json-glib | TEMP-0772585-D41D8C | bookworm, bullseye, buster, sid, trixie | |
| json-smart | CVE-2021-31684 | A vulnerability was discovered in the indexOf function of JSONParserBy ... | bookworm, bullseye, sid, trixie |
| jsonpickle | CVE-2020-22083 | jsonpickle through 1.4.1 allows remote code execution during deseriali ... | bookworm, bullseye, buster, sid, trixie |
| jupyter-server | CVE-2023-49080 | The Jupyter Server provides the backend (i.e. the core services, APIs, ... | bookworm, bullseye, sid, trixie |
| jython | CVE-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ... | bookworm, bullseye, buster, sid, trixie |
| kde4libs | CVE-2009-1692 | WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iP ... | buster |
| CVE-2009-1718 | WebKit in Apple Safari before 4.0 allows user-assisted remote attacker ... | buster | |
| CVE-2009-1724 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ... | buster | |
| CVE-2009-3015 | QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ... | buster | |
| CVE-2009-3272 | Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ... | buster | |
| TEMP-0560108-565B70 | browser-based css info disclosure | buster | |
| TEMP-0568486-B6FCB6 | browser javascript document.write denial-of-service | buster | |
| keepass2 | CVE-2019-20184 | KeePass 2.4.1 allows CSV injection in the title field of a CSV export. | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-32784 | In KeePass 2.x before 2.54, it is possible to recover the cleartext ma ... | bookworm, bullseye, buster, sid, trixie | |
| kfreebsd-10 | CVE-2011-2393 | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ... | buster |
| CVE-2016-1879 | The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 ... | buster | |
| CVE-2017-1081 | In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3 ... | buster | |
| CVE-2017-1082 | In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the ... | buster | |
| CVE-2017-1083 | In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is ... | buster | |
| CVE-2017-1084 | In FreeBSD before 11.2-RELEASE, multiple issues with the implementatio ... | buster | |
| CVE-2017-1085 | In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ... | buster | |
| CVE-2017-1086 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ... | buster | |
| CVE-2017-1087 | In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE- ... | buster | |
| CVE-2017-1088 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4 ... | buster | |
| CVE-2017-15037 | In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_s ... | buster | |
| CVE-2018-6916 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELE ... | buster | |
| CVE-2018-6917 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster | |
| CVE-2018-6918 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster | |
| CVE-2018-6919 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELE ... | buster | |
| CVE-2018-6920 | In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE( ... | buster | |
| CVE-2018-6921 | In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to in ... | buster | |
| CVE-2018-6922 | One of the data structures that holds TCP segments in all versions of ... | buster | |
| CVE-2018-6923 | In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip f ... | buster | |
| CVE-2018-6924 | In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4 ... | buster | |
| CVE-2018-6925 | In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE- ... | buster | |
| CVE-2018-17154 | In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELE ... | buster | |
| CVE-2018-17155 | In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE- ... | buster | |
| CVE-2018-17156 | In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to inc ... | buster | |
| CVE-2019-5595 | In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r ... | buster | |
| CVE-2019-5596 | In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE b ... | buster | |
| CVE-2019-5597 | In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEAS ... | buster | |
| CVE-2019-5598 | In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ... | buster | |
| CVE-2019-5601 | In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5602 | In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5603 | In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5605 | In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEAS ... | buster | |
| CVE-2019-5606 | In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5609 | In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5611 | In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5612 | In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEAS ... | buster | |
| CVE-2019-5614 | In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ... | buster | |
| CVE-2019-15874 | In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ... | buster | |
| CVE-2019-15875 | In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ... | buster | |
| CVE-2019-15878 | In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and ... | buster | |
| CVE-2020-7452 | In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEAS ... | buster | |
| CVE-2020-7453 | In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ... | buster | |
| CVE-2020-7456 | In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-ST ... | buster | |
| CVE-2020-7459 | In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-ST ... | buster | |
| CVE-2020-7462 | In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, imprope ... | buster | |
| CVE-2020-7463 | In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12. ... | buster | |
| CVE-2020-7464 | In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12. ... | buster | |
| CVE-2020-7469 | In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12. ... | buster | |
| CVE-2020-25578 | In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ... | buster | |
| CVE-2020-25579 | In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ... | buster | |
| CVE-2020-25581 | In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12. ... | buster | |
| CVE-2020-25582 | In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12. ... | buster | |
| CVE-2021-29626 | In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11. ... | buster | |
| CVE-2021-29632 | In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before ... | buster | |
| kiwi | CVE-2017-17532 | examples/framework/news/news3.py in Kiwi 1.9.22 does not validate stri ... | bookworm, buster, sid, trixie |
| knot-resolver | CVE-2022-32983 | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ... | bookworm, bullseye, buster, sid, trixie |
| kopano-webapp-plugin-files | CVE-2019-16774 | In phpfastcache before 5.1.3, there is a possible object injection vul ... | buster |
| krb5 | CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ... | bookworm, bullseye, buster, sid, trixie |
| lbreakout2 | TEMP-0608980-E8B8DF | Crash with long HOME environment variable | bookworm, bullseye, buster |
| leocad | CVE-2021-31804 | LeoCAD before 21.03 sometimes allows a use-after-free during the openi ... | bookworm, bullseye, buster, sid, trixie |
| libao | CVE-2017-11548 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 a ... | bookworm, bullseye, buster, sid, trixie |
| libapache-poi-java | CVE-2016-5000 | The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-12415 | In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ... | bookworm, bullseye, buster, sid, trixie | |
| libcaca | CVE-2022-0856 | libcaca is affected by a Divide By Zero issue via img2txt, which allow ... | bookworm, bullseye, buster, sid, trixie |
| libcommons-collections4-java | CVE-2015-7501 | Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data G ... | bookworm, bullseye, buster, sid, trixie |
| libcommons-fileupload-java | CVE-2016-1000031 | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ... | bookworm, bullseye, buster, sid, trixie |
| libcrypto++ | CVE-2016-7420 | Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ... | bookworm, bullseye, buster, sid, trixie |
| libdata-uuid-perl | CVE-2013-4184 | Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink a ... | bookworm, bullseye, buster, sid, trixie |
| libdata-validate-ip-perl | CVE-2021-29662 | The Data::Validate::IP module through 0.29 for Perl does not properly ... | buster |
| libesmtp | CVE-2019-19977 | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buf ... | bookworm, bullseye, buster, sid, trixie |
| libfwsi | CVE-2019-17263 | In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ... | bookworm, bullseye, buster, sid, trixie |
| libgadu | CVE-2013-4488 | libgadu before 1.12.0 does not verify X.509 certificates from SSL serv ... | bookworm, bullseye, buster, sid, trixie |
| libgcrypt20 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, buster, sid, trixie |
| libgd2 | CVE-2021-40145 | gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) throu ... | bullseye, buster |
| libgig | CVE-2018-14449 | An issue was discovered in libgig 4.1.0. There is an out of bounds rea ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-14450 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14451 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14452 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14453 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14454 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14455 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14456 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14457 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14458 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14459 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18192 | An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18193 | An issue was discovered in libgig 4.1.0. There is operator new[] failu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18194 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18195 | An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18196 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18197 | An issue was discovered in libgig 4.1.0. There is an operator new[] fa ... | bookworm, bullseye, buster, sid, trixie | |
| libglvnd | CVE-2023-45924 | libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a ... | bookworm, bullseye, buster, sid, trixie |
| libheif | CVE-2024-25269 | libheif <= 1.17.6 contains a memory leak in the function JpegEncoder:: ... | bookworm, bullseye, buster, sid, trixie |
| libhttp-tiny-perl | CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ... | bookworm, buster |
| libjpeg | CVE-2022-31620 | In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an ... | bullseye |
| CVE-2022-31796 | libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRe ... | bullseye | |
| CVE-2022-32201 | In libjpeg 1.63, there is a NULL pointer dereference in Component::Sub ... | bullseye | |
| CVE-2022-32202 | In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::Fe ... | bullseye | |
| CVE-2022-32978 | There is an assertion failure in SingleComponentLSScan::ParseMCU in si ... | bullseye | |
| CVE-2022-35166 | libjpeg commit 842c7ba was discovered to contain an infinite loop via ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-37768 | libjpeg commit 281daa9 was discovered to contain an infinite loop via ... | bullseye | |
| CVE-2022-37770 | libjpeg commit 281daa9 was discovered to contain a segmentation fault ... | bullseye | |
| libjpeg-turbo | CVE-2017-15232 | libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ... | buster |
| CVE-2018-11813 | libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles ... | buster | |
| CVE-2020-17541 | Libjpeg-turbo all version have a stack-based buffer overflow in the "t ... | buster | |
| libjpeg6b | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial ... | sid |
| libjs-i18next | CVE-2017-16010 | i18next is a language translation framework. When using the .init meth ... | buster |
| liblivemedia | CVE-2019-7732 | In Live555 0.95, a setup packet can cause a memory leak leading to DoS ... | buster |
| liblnk | CVE-2019-17263 | In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-17264 | In libyal liblnk before 20191006, liblnk_location_information_read_dat ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-17401 | libyal liblnk 20191006 has a heap-based buffer over-read in the networ ... | bookworm, bullseye, buster, sid, trixie | |
| liblouis | CVE-2023-26767 | Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ... | bookworm, bullseye, buster |
| CVE-2023-26768 | Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ... | bookworm, bullseye, buster | |
| CVE-2023-26769 | Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 all ... | bookworm, bullseye, buster | |
| libmatio | CVE-2019-20019 | An attempted excessive memory allocation was discovered in Mat_VarRead ... | bookworm, bullseye, buster, sid, trixie |
| libmetadata-extractor-java | CVE-2022-24613 | metadata-extractor up to 2.16.0 can throw various uncaught exceptions ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-24614 | When reading a specially crafted JPEG file, metadata-extractor up to 2 ... | bookworm, bullseye, buster, sid, trixie | |
| libokhttp-java | CVE-2018-20200 | CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the- ... | bookworm, bullseye, buster, sid, trixie |
| libpam-krb5 | CVE-2023-3326 | pam_krb5 authenticates a user by essentially running kinit with the pa ... | bookworm, bullseye, buster, sid, trixie |
| libphp-adodb | CVE-2006-4976 | The Date Library in John Lim ADOdb Library for PHP allows remote attac ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2011-3699 | John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ... | bookworm, bullseye, buster, sid, trixie | |
| libpng1.6 | CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function ... | buster |
| CVE-2018-14550 | An issue has been found in third-party PNM decoding associated with li ... | buster | |
| CVE-2019-6129 | png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ... | bullseye, buster | |
| CVE-2021-4214 | A heap overflow flaw was found in libpngs' pngimage.c program. This fl ... | bookworm, bullseye, buster, sid, trixie | |
| libpodofo | CVE-2018-20797 | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-18972 | Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v ... | bookworm, bullseye, buster, sid, trixie | |
| libquicktime | CVE-2017-12143 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-12145 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, buster, sid, trixie | |
| libraw | CVE-2020-24890 | libraw 20.0 has a null pointer dereference vulnerability in parse_tiff ... | bookworm, bullseye, buster, sid, trixie |
| librecad | CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-30259 | A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 ... | bookworm, bullseye, buster | |
| libreoffice | CVE-2012-5639 | LibreOffice and OpenOffice automatically open embedded content | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-10583 | An information disclosure vulnerability occurs when LibreOffice 6.0.3 ... | bookworm, bullseye, buster, sid, trixie | |
| libreswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, buster, sid |
| libsass | CVE-2019-18797 | LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ... | bookworm, bullseye, buster, sid, trixie |
| libseccomp | CVE-2019-9893 | libseccomp before 2.4.0 did not correctly generate 64-bit syscall argu ... | buster |
| libsixel | CVE-2019-11024 | The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ... | buster |
| libslirp | CVE-2020-7211 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ ... | bookworm, bullseye, sid, trixie |
| libsolv | CVE-2018-20534 | There is an illegal address access at ext/testcase.c in libsolv.a in l ... | buster |
| CVE-2021-3200 | Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * t ... | buster | |
| CVE-2021-44568 | Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv th ... | buster | |
| libspiro | CVE-2019-19847 | Libspiro through 20190731 has a stack-based buffer overflow in the spi ... | buster |
| libspring-java | CVE-2020-5421 | In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5. ... | buster |
| CVE-2021-22060 | In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-22096 | In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-22950 | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-22965 | A Spring MVC or Spring WebFlux application running on JDK 9+ may be vu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-22968 | In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-22970 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-22971 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-20860 | Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-20861 | In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELE ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-20863 | In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2024-22243 | Applications that use UriComponentsBuilderto parse an externally provi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2024-22259 | Applications that use UriComponentsBuilder in Spring Frameworkto parse ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2024-22262 | Applications that use UriComponentsBuilderto parse an externally provi ... | bookworm, bullseye, buster, sid, trixie | |
| libstb | CVE-2022-27938 | stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-28048 | STB v2.27 was discovered to contain an integer shift of invalid size i ... | bookworm, bullseye, buster | |
| libtasn1-6 | CVE-2018-1000654 | GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 c ... | buster |
| libuv1 | CVE-2020-8252 | The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14 ... | buster |
| libvncserver | CVE-2019-15680 | TightVNC code version 1.3.10 contains null pointer dereference in Hand ... | bookworm, bullseye, buster, sid, trixie |
| libvpx | CVE-2017-0641 | A remote denial of service vulnerability in libvpx in Mediaserver coul ... | bookworm, bullseye, buster, sid, trixie |
| libvterm | CVE-2018-20786 | libvterm through 0+bzr726, as used in Vim and other products, mishandl ... | bookworm, bullseye, buster, sid, trixie |
| libwmf | CVE-2007-3476 | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) be ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2007-3477 | The (a) imagearc and (b) imagefilledarc functions in GD Graphics Libra ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-3996 | Multiple integer overflows in libgd in PHP before 5.2.4 allow remote a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3546 | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ... | bookworm, bullseye, buster, sid, trixie | |
| TEMP-0601525-BEBB65 | libgd2: gdImageColorTransparent can write outside buffer | bookworm, bullseye, buster, sid, trixie | |
| libxerces2-java | CVE-2012-0881 | Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ca ... | bookworm, bullseye, buster, sid, trixie |
| libxslt | CVE-2015-9019 | In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ... | bookworm, bullseye, buster, sid, trixie |
| libxsmm | CVE-2018-20543 | There is an attempted excessive memory allocation at libxsmm_sparse_cs ... | bookworm, sid, trixie |
| libxstream-java | CVE-2022-40151 | Those using Xstream to seralize XML data may be vulnerable to Denial o ... | bookworm, bullseye, buster, sid, trixie |
| lilo | CVE-2008-3895 | LILO 22.6.1 and earlier stores pre-boot authentication passwords in th ... | buster |
| linux | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attack ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2005-3660 | Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-3719 | The process scheduler in the Linux kernel 2.6.16 gives preference to " ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-2544 | Mounting /proc filesystem via chroot command silently mounts it in rea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2010-4563 | The Linux kernel, when using IPv6, allows remote attackers to determin ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2010-5321 | Memory leak in drivers/media/video/videobuf-core.c in the videobuf sub ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2011-4915 | fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2011-4916 | Linux kernel through 3.1 allows local users to obtain sensitive keystr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2011-4917 | In the Linux kernel through 3.1 there is an information disclosure iss ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2012-4542 | block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2014-9892 | The snd_compr_tstamp function in sound/core/compress_offload.c in the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2014-9900 | The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2015-2877 | Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x d ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-8660 | The XFS subsystem in the Linux kernel through 4.8.2 allows local users ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-10723 | An issue was discovered in the Linux kernel through 4.17.2. Since the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-0630 | An information disclosure vulnerability in the kernel trace subsystem ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-13693 | The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-13694 | The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-1121 | procps-ng, procps is vulnerable to a process hiding through race condi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-17977 | The Linux kernel 4.14.67 mishandles certain interaction among XFRM Net ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-11191 | The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and i ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12378 | An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12379 | An issue was discovered in con_insert_unipair in drivers/tty/vt/consol ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12380 | **DISPUTED** An issue was discovered in the efi subsystem in the Linux ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12381 | An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12382 | An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/d ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12455 | An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12456 | An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12615 | An issue was discovered in get_vdev_port_node_info in arch/sparc/kerne ... | buster | |
| CVE-2019-16229 | drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16230 | drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 doe ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16231 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16232 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16233 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not chec ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16234 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-19064 | A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl ... | buster | |
| CVE-2019-19070 | A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-19083 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm ... | buster | |
| CVE-2019-19378 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-11725 | snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-27820 | A vulnerability was found in Linux kernel, where a use-after-frees in ... | buster | |
| CVE-2020-35501 | A flaw was found in the Linux kernels implementation of audit rules, w ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-0929 | In ion_dma_buf_end_cpu_access and related functions of ion.c, there is ... | buster | |
| CVE-2021-3714 | A flaw was found in the Linux kernels memory deduplication mechanism. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-32078 | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/perso ... | bullseye, buster | |
| CVE-2022-0400 | An out-of-bounds read vulnerability was discovered in linux kernel in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-1247 | An issue found in linux-kernel that leads to a race condition in rose_ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-2961 | A use-after-free flaw was found in the Linux kernel\u2019s PLP Rose fu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-3238 | A double-free flaw was found in the Linux kernel\u2019s NTFS3 subsyste ... | bookworm, sid, trixie | |
| CVE-2022-25265 | In the Linux kernel through 5.16.10, certain binary files may have the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-41848 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44032 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44033 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44034 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye, buster | |
| CVE-2022-45884 | An issue was discovered in the Linux kernel through 6.0.9. drivers/med ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-45885 | An issue was discovered in the Linux kernel through 6.0.9. drivers/med ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-45888 | An issue was discovered in the Linux kernel through 6.0.9. drivers/cha ... | bookworm | |
| CVE-2023-3640 | A possible unauthorized memory access flaw was found in the Linux kern ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-4134 | Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() | bookworm, bullseye, buster | |
| CVE-2023-6610 | An out-of-bounds read vulnerability was found in smb2_dump_detail in f ... | bullseye, buster | |
| CVE-2023-22995 | In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_regis ... | bullseye | |
| CVE-2023-23000 | In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles t ... | bullseye, buster | |
| CVE-2023-23003 | In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check ... | bullseye, buster | |
| CVE-2023-23039 | An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-26242 | afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31081 | An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_brid ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31085 | An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-39191 | An improper input validation flaw was found in the eBPF subsystem in t ... | bookworm | |
| TEMP-0000000-F7A20F | Kernel: Unprivileged user can freeze journald | bookworm, bullseye, buster, sid, trixie | |
| llvm-toolchain-13 | CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm, bullseye, buster |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm, bullseye, buster | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm, bullseye, buster | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm, bullseye, buster | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye, buster | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye, buster | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye, buster | |
| llvm-toolchain-14 | CVE-2023-26924 | LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ... | bookworm, sid |
| CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm, sid | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm, sid | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid | |
| llvm-toolchain-15 | CVE-2023-26924 | LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ... | bookworm, sid, trixie |
| CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm, sid, trixie | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid, trixie | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid, trixie | |
| log4cxx | CVE-2023-31038 | SQL injection in Log4cxx when using the ODBC appender to send log mess ... | bookworm, bullseye, buster |
| loguru | CVE-2022-0338 | Insertion of Sensitive Information into Log File in Conda loguru prior ... | bookworm, sid, trixie |
| lrzip | CVE-2019-10654 | The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-33451 | An issue was discovered in lrzip version 0.641. There are memory leaks ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33453 | An issue was discovered in lrzip version 0.641. There is a use-after-f ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-33067 | Lrzip v0.651 was discovered to contain multiple invalid arithmetic shi ... | bookworm, bullseye, buster, sid, trixie | |
| lua-cgi | CVE-2014-2875 | The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses wea ... | bookworm, bullseye, buster, sid, trixie |
| luajit | CVE-2019-19391 | In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other pro ... | bullseye, buster |
| CVE-2020-15890 | LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ... | bullseye, buster | |
| CVE-2020-24372 | LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ... | bookworm, bullseye, buster, sid, trixie | |
| lucene-solr | CVE-2017-3164 | Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | bookworm, bullseye, buster, sid, trixie | |
| lxc-templates | CVE-2017-18641 | In LXC 2.0, many template scripts download code over cleartext HTTP, a ... | bookworm, bullseye, buster, sid, trixie |
| lynis | CVE-2019-13033 | In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by ... | buster |
| CVE-2020-13882 | CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TO ... | buster | |
| m2crypto | CVE-2009-0127 | M2Crypto does not properly check the return value from the OpenSSL EVP ... | bookworm, bullseye, buster, sid, trixie |
| m4 | CVE-2008-1687 | The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1. ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2008-1688 | Unspecified vulnerability in GNU m4 before 1.4.11 might allow context- ... | bookworm, bullseye, buster, sid, trixie | |
| magpierss | CVE-2006-4735 | Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sens ... | buster |
| maildirsync | CVE-2008-5150 | sample.sh in maildirsync 1.1 allows local users to append data to arbi ... | bookworm, bullseye, buster, sid, trixie |
| mapcache | CVE-2019-20005 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-20006 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20007 | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20198 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20199 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20200 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20201 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20202 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26220 | The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26221 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26222 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-30485 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31229 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31347 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31348 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-30045 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| matanza | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, buster, sid, trixie | |
| mathtex | CVE-2023-51890 | An infinite loop issue discovered in Mathtex 1.05 and before allows a ... | bookworm, bullseye, buster, sid, trixie |
| mbedtls | CVE-2018-1000520 | ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-43615 | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | bookworm, bullseye, buster, sid, trixie | |
| mc | CVE-2023-45925 | GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain ... | bookworm, bullseye, buster, sid, trixie |
| mcollective | CVE-2014-0175 | mcollective has a default password set at install | bookworm, bullseye, buster, sid, trixie |
| mdadm | CVE-2023-28938 | Uncontrolled resource consumption in some Intel(R) SSD Tools software ... | bullseye, buster |
| mediaelement | CVE-2016-4567 | Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ... | bookworm, bullseye, buster, sid, trixie |
| mesa | CVE-2023-45913 | Mesa v23.0.4 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-45919 | Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-45922 | glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-45931 | Mesa 23.0.4 was discovered to contain a NULL pointer dereference in ch ... | bookworm, bullseye, buster, sid, trixie | |
| metview | CVE-2017-17515 | etc/ObjectList in Metview 4.7.3 does not validate strings before launc ... | bookworm, bullseye, buster, sid, trixie |
| mh-book | CVE-2008-5152 | inmail-show in mh-book 200605 allows local users to overwrite arbitrar ... | bookworm, bullseye, buster, sid, trixie |
| midori | CVE-2012-2132 | libsoup 2.32.2 and earlier does not validate certificates or clear the ... | bullseye, buster |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bullseye, buster | |
| milkytracker | CVE-2022-34927 | MilkyTracker v1.03.00 was discovered to contain a stack overflow via t ... | bookworm, bullseye, buster |
| mingw-w64 | CVE-2018-5392 | mingw-w64 version 5.0.4 by default produces executables that opt in to ... | bookworm, bullseye, buster, sid, trixie |
| mini-httpd | CVE-2009-4490 | mini_httpd 1.19 writes data to a log file without sanitizing non-print ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-17663 | The htpasswd implementation of mini_httpd before v1.28 and of thttpd b ... | bookworm, bullseye, buster, sid, trixie | |
| minidjvu | CVE-2017-12441 | The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ca ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-12442 | The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ca ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-12443 | The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-12444 | The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidj ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-12445 | The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cp ... | bookworm, bullseye, buster, sid, trixie | |
| minidlna | CVE-2023-47430 | Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ... | bookworm, bullseye, buster, sid, trixie |
| minizinc | CVE-2023-46046 | An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference vi ... | bookworm, bullseye, buster |
| modsecurity-crs | CVE-2019-11387 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | buster |
| CVE-2019-11388 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-11389 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-11390 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-11391 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, buster, sid, trixie | |
| moin | CVE-2007-0902 | Unspecified vulnerability in the "Show debugging information" feature ... | buster |
| mojarra | CVE-2010-2087 | Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ... | bookworm, bullseye, buster, sid, trixie |
| monitoring-plugins | CVE-2023-37154 | bookworm, bullseye, buster, sid, trixie | |
| monopd | CVE-2015-0841 | Off-by-one error in the readBuf function in listener.cpp in libcapsine ... | bookworm, bullseye, buster, sid, trixie |
| mozilla-noscript | CVE-2018-16983 | NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other ... | buster, sid |
| mp3splt | CVE-2017-5665 | The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allo ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-5666 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-5851 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, buster, sid, trixie | |
| mplayer | CVE-2022-38600 | Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf ... | bullseye, buster |
| CVE-2022-38853 | Certain The MPlayer Project products are vulnerable to Buffer Overflow ... | bullseye, buster | |
| CVE-2022-38856 | Certain The MPlayer Project products are vulnerable to Buffer Overflow ... | bullseye, buster | |
| mupdf | CVE-2018-19777 | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg ... | buster |
| CVE-2020-26683 | A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Softw ... | bullseye, buster | |
| CVE-2021-4216 | A Floating point exception (division-by-zero) flaw was found in Mupdf ... | bullseye, buster | |
| CVE-2023-31794 | MuPDF v1.21.1 was discovered to contain an infinite recursion in the c ... | bookworm, bullseye, buster | |
| CVE-2023-51103 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-51104 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-51105 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-51106 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-51107 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, buster, sid, trixie | |
| musescore3 | CVE-2023-26923 | Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that ... | bookworm, bullseye, sid, trixie |
| mustache.js | CVE-2015-8861 | The handlebars package before 4.0.0 for Node.js allows remote attacker ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2015-8862 | mustache package before 2.2.1 for Node.js allows remote attackers to c ... | bookworm, bullseye, buster, sid, trixie | |
| TEMP-0000000-137F0A | quoteless attributes in templates can lead to content injection | bookworm, bullseye, buster, sid, trixie | |
| mutt | CVE-2007-1268 | Mutt 1.5.13 and earlier does not properly use the --status-fd argument ... | bookworm, bullseye, buster, sid, trixie |
| mxml | CVE-2018-20005 | An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ... | bookworm, bullseye, buster, sid, trixie |
| mycli | CVE-2023-44690 | Inadequate encryption strength in mycli 1.27.0 allows attackers to vie ... | bookworm, bullseye, buster, sid, trixie |
| nacl | CVE-2015-0565 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks ... | bookworm, bullseye, buster, sid, trixie |
| nagios4 | CVE-2020-35269 | Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ... | bookworm, bullseye, buster, sid, trixie |
| nasm | CVE-2018-19213 | Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-19755 | There is an illegal address access at asm/preproc.c (function: is_mmac ... | buster | |
| CVE-2018-20535 | There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ... | buster | |
| CVE-2018-20538 | There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-1000886 | nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-6290 | An infinite recursion issue was discovered in eval.c in Netwide Assemb ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-6291 | An issue was discovered in the function expr6 in eval.c in Netwide Ass ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-8343 | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-14248 | In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows ... | buster | |
| CVE-2019-20334 | In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20352 | In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occ ... | buster | |
| CVE-2020-18780 | A Use After Free vulnerability in function new_Token in asm/preproc.c ... | buster | |
| CVE-2020-18974 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-21528 | A Segmentation Fault issue discovered in in ieee_segment function in o ... | bullseye, buster | |
| CVE-2020-21685 | Buffer Overflow vulnerability in hash_findi function in hashtbl.c in n ... | buster | |
| CVE-2020-21687 | Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2. ... | buster | |
| CVE-2020-24241 | In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in ... | buster | |
| CVE-2020-24242 | In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ... | buster | |
| CVE-2021-33450 | An issue was discovered in NASM version 2.16rc0. There are memory leak ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33452 | An issue was discovered in NASM version 2.16rc0. There are memory leak ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45256 | A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45257 | An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_t ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-29654 | Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm ... | bullseye, buster | |
| CVE-2022-41420 | nasm v2.16 was discovered to contain a stack overflow in the Ndisasm c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44368 | NASM v2.16 was discovered to contain a null pointer deference in the N ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44369 | NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-44370 | NASM v2.16 was discovered to contain a heap buffer overflow in the com ... | bullseye, buster | |
| CVE-2022-46456 | NASM v2.16 was discovered to contain a global buffer overflow in the c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-46457 | NASM v2.16 was discovered to contain a segmentation violation in the c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31722 | There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38665 | Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows att ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38667 | Stack-based buffer over-read in function disasm in nasm 2.16 allows at ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38668 | Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ... | bookworm, bullseye, buster, sid, trixie | |
| nautilus | CVE-2022-37290 | GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename ... | bullseye, buster |
| neomutt | CVE-2020-14154 | Mutt before 1.14.3 proceeds with a connection even if, in response to ... | buster |
| net-tools | CVE-2002-1976 | ifconfig, when used on the Linux kernel 2.2 and later, does not report ... | bookworm, bullseye, buster, sid, trixie |
| netdata | CVE-2019-9834 | The Netdata web application through 1.13.0 allows remote attackers to ... | bookworm, bullseye, buster, sid |
| nethack | CVE-2019-19905 | NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ... | buster |
| CVE-2020-5209 | In NetHack before 3.6.5, unknown options starting with -de and -i can ... | buster | |
| CVE-2020-5210 | In NetHack before 3.6.5, an invalid argument to the -w command line op ... | buster | |
| CVE-2020-5211 | In NetHack before 3.6.5, an invalid extended command in value for the ... | buster | |
| CVE-2020-5212 | In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ... | buster | |
| CVE-2020-5213 | In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ... | buster | |
| CVE-2020-5214 | In NetHack before 3.6.5, detecting an unknown configuration file optio ... | buster | |
| netty | CVE-2022-24823 | Netty is an open-source, asynchronous event-driven network application ... | bookworm, bullseye, buster, sid, trixie |
| network-manager | CVE-2020-10754 | It was found that nmcli, a command line interface to NetworkManager di ... | buster |
| network-manager-applet | CVE-2017-6590 | An issue was discovered in network-manager-applet (aka network-manager ... | bookworm, bullseye, buster, sid, trixie |
| networkd-dispatcher | CVE-2022-29799 | A vulnerability was found in networkd-dispatcher. This flaw exists bec ... | bullseye, buster |
| CVE-2022-29800 | A time-of-check-time-of-use (TOCTOU) race condition vulnerability was ... | bullseye, buster | |
| nginx | CVE-2009-4487 | nginx 0.7.64 writes data to a log file without sanitizing non-printabl ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... | bookworm, bullseye, buster | |
| nip2 | CVE-2017-17514 | boxes.c in nip2 8.4.0 does not validate strings before launching the p ... | bookworm, bullseye, buster, sid, trixie |
| nmap | CVE-2017-18594 | nse_libssh2.cc in Nmap 7.70 is subject to a denial of service conditio ... | buster |
| CVE-2018-15173 | Nmap through 7.70, when the -sV option is used, allows remote attacker ... | bookworm, bullseye, buster, sid, trixie | |
| nodau | CVE-2022-4399 | A vulnerability was found in TicklishHoneyBee nodau. It has been rated ... | bullseye, buster |
| node-ejs | CVE-2023-29827 | ejs v3.1.9 is vulnerable to server-side template injection. If the ejs ... | bookworm, bullseye, buster, sid, trixie |
| node-formidable | CVE-2022-29622 | An arbitrary file upload vulnerability in formidable v3.1.4 allows att ... | bullseye, buster |
| nova | CVE-2013-0326 | OpenStack nova base images permissions are world readable | bookworm, bullseye, buster, sid |
| nss | CVE-2017-11695 | Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/h ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-11696 | Heap-based buffer overflow in the __hash_open function in lib/dbm/src/ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-11697 | The __hash_open function in hash.c:229 in Mozilla Network Security Ser ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-11698 | Heap-based buffer overflow in the __get_page function in lib/dbm/src/h ... | bookworm, bullseye, buster, sid, trixie | |
| ntp | CVE-2018-12327 | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ... | bullseye, buster |
| CVE-2023-26551 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye, buster | |
| CVE-2023-26552 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye, buster | |
| CVE-2023-26553 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye, buster | |
| CVE-2023-26554 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye, buster | |
| numpy | CVE-2021-34141 | An incomplete string comparison in the numpy.core component in NumPy b ... | bookworm, bullseye, sid, trixie |
| CVE-2021-41495 | Null Pointer Dereference vulnerability exists in numpy.sort in NumPy & ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-41496 | Buffer overflow in the array_from_pyobj function of fortranobject.c in ... | bookworm, bullseye, sid, trixie | |
| nvidia-cg-toolkit | CVE-2008-5144 | nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ... | bookworm, bullseye, buster, sid, trixie |
| nvidia-cuda-toolkit | CVE-2023-0193 | NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-0196 | NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local use ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-25510 | NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-25511 | NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-25512 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-25513 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, buster | |
| CVE-2023-25514 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-25523 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, buster, sid, trixie | |
| ocaml-batteries | CVE-2017-17519 | batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ... | bookworm, bullseye, buster, sid, trixie |
| ocsinventory-server | CVE-2010-1733 | Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2014-4722 | Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-14857 | Unrestricted file upload (with remote code execution) in require/mail/ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-15537 | Unrestricted file upload (with remote code execution) in OCS Inventory ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-14947 | OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-3726 | OCSInventory allow stored email template with special characters that ... | bookworm, bullseye, buster, sid, trixie | |
| ompl | CVE-2021-41490 | Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavi ... | bookworm, bullseye, sid |
| CVE-2021-42218 | OMPL v1.5.2 contains a memory leak in VFRRT.cpp | bookworm, bullseye, sid | |
| onionshare | CVE-2022-21694 | OnionShare is an open source tool that lets you securely and anonymous ... | bullseye |
| openconnect | CVE-2020-12105 | OpenConnect through 8.08 mishandles negative return values from X509_c ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-12823 | OpenConnect 8.09 has a buffer overflow, causing a denial of service (a ... | buster | |
| opendkim | CVE-2020-35766 | The test suite in libopendkim in OpenDKIM through 2.10.3 allows local ... | bookworm, bullseye, buster, sid, trixie |
| openexr | CVE-2017-14988 | Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remot ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-18443 | OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/Ilm ... | buster | |
| CVE-2021-20304 | A flaw was found in OpenEXR's hufDecode functionality. This flaw allow ... | buster | |
| CVE-2021-26945 | An integer overflow leading to a heap-buffer overflow was found in Ope ... | bookworm, bullseye, buster, sid, trixie | |
| openfortivpn | CVE-2020-7043 | An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL ... | buster |
| openjpeg2 | CVE-2016-9113 | There is a NULL pointer dereference in function imagetobmp of convertb ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2016-9114 | There is a NULL Pointer Access in function imagetopnm of convert.c:194 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9115 | Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9116 | NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9117 | NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9580 | An integer overflow vulnerability was found in tiftoimage function in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-9581 | An infinite loop vulnerability in tiftoimage that results in heap buff ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-10505 | NULL pointer dereference vulnerabilities in the imagetopnm function in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-10506 | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, op ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17479 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-5727 | In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the o ... | buster | |
| CVE-2018-7648 | An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ... | buster | |
| CVE-2018-16375 | An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-16376 | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-20845 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ... | buster | |
| CVE-2018-20846 | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ... | bookworm, bullseye, buster, sid, trixie | |
| openldap | CVE-2015-3276 | The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-14159 | slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17740 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-15719 | libldap in certain third-party OpenLDAP packages has a certificate-val ... | bookworm, bullseye, buster, sid, trixie | |
| openrazer | CVE-2022-29021 | A buffer overflow vulnerability exists in the razerkbd driver of OpenR ... | bullseye, buster |
| CVE-2022-29022 | A buffer overflow vulnerability exists in the razeraccessory driver of ... | bullseye, buster | |
| CVE-2022-29023 | A buffer overflow vulnerability exists in the razermouse driver of Ope ... | bullseye, buster | |
| openrpt | CVE-2015-2305 | Integer overflow in the regcomp implementation in the Henry Spencer BS ... | buster |
| openscad | CVE-2022-0496 | A vulnerbiility was found in Openscad, where a DXF-format drawing with ... | bullseye, buster |
| CVE-2022-0497 | A vulnerbiility was found in Openscad, where a .scad file with no trai ... | bullseye, buster | |
| openssh | CVE-2007-2243 | OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2007-2768 | OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-3234 | sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2016-20012 | OpenSSH through 8.7 allows remote attackers, who have a suspicion that ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-15919 | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 co ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-6110 | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-16905 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an expe ... | buster | |
| CVE-2020-12062 | The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to ... | buster | |
| CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepan ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-15778 | scp in OpenSSH through 8.3p1 allows command injection in the scp.c tor ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-36368 | An issue was discovered in OpenSSH before 8.9. If a client is using pu ... | bullseye, buster | |
| CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow r ... | bookworm, bullseye, buster, sid, trixie | |
| openssl | CVE-2007-6755 | The NIST SP 800-90A default statement of the Dual Elliptic Curve Deter ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2010-0928 | OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex- ... | bookworm, bullseye, buster, sid, trixie | |
| openstack-trove | CVE-2015-3156 | The _write_config function in trove/guestagent/datastore/experimental/ ... | bookworm, sid, trixie |
| openvpn | CVE-2006-2229 | OpenVPN 2.0.7 and earlier, when configured to use the --management opt ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2016-6329 | OpenVPN, when using a 64-bit block cipher, makes it easier for remote ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7544 | A cross-protocol scripting issue was discovered in the management inte ... | bookworm, bullseye, buster, sid, trixie | |
| optipng | CVE-2023-43907 | OptiPNG v0.7.7 was discovered to contain a global buffer overflow via ... | bookworm, bullseye, buster |
| os-prober | CVE-2008-5135 | os-prober in os-prober 1.17 allows local users to overwrite arbitrary ... | bookworm, bullseye, buster, sid, trixie |
| otrs2 | CVE-2018-7567 | In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0. ... | bullseye, buster |
| p7zip | CVE-2022-47069 | p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerabi ... | bookworm, bullseye, buster, sid, trixie |
| packagekit | CVE-2022-0987 | A flaw was found in PackageKit in the way some of the methods exposed ... | bookworm, bullseye, buster, sid, trixie |
| pandas | CVE-2020-13091 | pandas through 1.0.3 can unserialize and execute commands from an untr ... | bookworm, bullseye, buster, sid, trixie |
| parso | CVE-2019-12760 | A deserialization vulnerability exists in the way parso through 0.4.0 ... | buster |
| passenger | CVE-2016-10345 | In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ... | bullseye, buster |
| password-store | CVE-2020-28086 | pass through 1.7.3 has a possibility of using a password for an uninte ... | bookworm, bullseye, buster, sid, trixie |
| patch | CVE-2010-4651 | Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-6951 | An issue was discovered in GNU patch through 2.7.6. There is a segment ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-6952 | A double free exists in the another_hunk function in pch.c in GNU patc ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-45261 | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ... | bookworm, bullseye, buster, sid, trixie | |
| patchelf | CVE-2022-44940 | Patchelf v0.9 was discovered to contain an out-of-bounds read via the ... | bookworm, bullseye, buster, sid, trixie |
| pcf2bdf | CVE-2022-23318 | A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker ... | bullseye, buster |
| CVE-2022-23319 | A segmentation fault during PCF file parsing in pcf2bdf versions >=1.0 ... | bullseye, buster | |
| pcre2 | CVE-2022-41409 | Integer overflow vulnerability in pcre2test before 10.41 allows attack ... | bullseye, buster |
| pcre3 | CVE-2017-7245 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-7246 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-11164 | In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-16231 | In PCRE 8.41, after compiling, a pcretest load test PoC produces a cra ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20838 | libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT w ... | bookworm, bullseye, buster, sid, trixie | |
| pdfresurrect | CVE-2019-14267 | PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because ... | buster |
| CVE-2020-9549 | In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ... | buster | |
| CVE-2021-3508 | A flaw was found in PDFResurrect in version 0.22b. There is an infinit ... | bullseye, buster | |
| pdns | CVE-2020-24696 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-24697 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-24698 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ... | bookworm, bullseye, buster, sid, trixie | |
| pdns-recursor | CVE-2020-10030 | An issue has been found in PowerDNS Recursor 4.1.0 up to and including ... | buster |
| perl | CVE-2011-4116 | _is_safe in the File::Temp module for Perl does not properly handle sy ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ... | bookworm, bullseye, buster | |
| phabricator | CVE-2017-17536 | Phabricator before 2017-11-10 does not block the --config and --debugg ... | bookworm, bullseye, buster, sid, trixie |
| phantomjs | CVE-2019-17221 | PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as d ... | buster |
| php-font-lib | CVE-2014-2570 | Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP ... | bookworm, bullseye, buster, sid, trixie |
| php-getid3 | CVE-2021-40926 | Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in g ... | bullseye, buster |
| php-gettext | TEMP-0000000-07A77D | php-gettext XSS | bookworm, bullseye, buster, sid, trixie |
| php-horde | CVE-2019-12094 | Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ... | bookworm, bullseye, buster, sid |
| php-horde-trean | CVE-2019-12095 | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ... | bookworm, bullseye, buster, sid |
| php-pear | CVE-2017-5630 | PECL in the download utility class in the Installer in PEAR Base Syste ... | bookworm, bullseye, buster, sid, trixie |
| phpldapadmin | CVE-2018-12689 | phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id param ... | bookworm, sid, trixie |
| phpmyadmin | CVE-2005-3622 | phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ... | bookworm, bullseye, sid, trixie |
| CVE-2007-4306 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-11441 | phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astrin ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-0813 | PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially ... | bullseye | |
| CVE-2022-23807 | An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before ... | bullseye | |
| CVE-2022-23808 | An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ... | bullseye | |
| picolibc | CVE-2019-14876 | In the __lshift function of the newlib libc library, all versions prio ... | bookworm, bullseye, sid, trixie |
| pidgin | CVE-2008-2956 | Memory leak in Pidgin 2.0.0, and possibly other versions, allows remot ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2012-1257 | Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ... | bookworm, bullseye, buster, sid, trixie | |
| pillow | CVE-2020-10994 | In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multipl ... | buster |
| CVE-2021-25287 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bou ... | buster | |
| CVE-2021-25288 | An issue was discovered in Pillow before 8.2.0. There is an out-of-bou ... | buster | |
| pipewire | CVE-2022-4964 | Ubuntu's pipewire-pulse in snap grants microphone access even when the ... | bookworm, bullseye, buster |
| pixman | CVE-2023-37769 | stress-test master commit e4c878 was discovered to contain a FPE vulne ... | bookworm, bullseye, buster, sid, trixie |
| pluxml | CVE-2020-18184 | In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_ ... | buster |
| CVE-2020-18185 | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrar ... | buster | |
| poppler | CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-2814 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-2818 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-2820 | An exploitable integer overflow vulnerability exists in the JPEG 2000 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-9083 | poppler 0.54.0, as used in Evince and other products, has a NULL point ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-19059 | An issue was discovered in Poppler 0.71.0. There is a out-of-bounds re ... | buster | |
| CVE-2018-19060 | An issue was discovered in Poppler 0.71.0. There is a NULL pointer der ... | buster | |
| CVE-2022-24106 | In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing ... | bookworm, bullseye, buster, sid, trixie | |
| postbooks | CVE-2017-17525 | guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate st ... | buster |
| ppp | CVE-2008-5366 | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2008-5367 | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-4603 | A vulnerability classified as problematic has been found in ppp. Affec ... | bookworm, bullseye, buster, sid, trixie | |
| proftpd-dfsg | CVE-2020-9272 | ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap ... | buster |
| prometheus-alertmanager | CVE-2023-40577 | Alertmanager handles alerts sent by client applications such as the Pr ... | bookworm, bullseye |
| prometheus-blackbox-exporter | CVE-2020-16248 | Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-26735 | blackbox_exporter v0.23.0 was discovered to contain an access control ... | bookworm, bullseye, buster, sid, trixie | |
| protobuf | CVE-2015-5237 | protobuf allows remote authenticated attackers to cause a heap-based b ... | bookworm, bullseye, buster, sid, trixie |
| pspp | CVE-2019-9211 | There is a reachable assertion abort in the function write_long_string ... | buster |
| puppet | CVE-2020-7942 | Previously, Puppet operated on a model that a node with a valid certif ... | bullseye, buster |
| putty | CVE-2019-17069 | PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial o ... | buster |
| pwgen | CVE-2013-4441 | The Phonemes mode in Pwgen 2.06 generates predictable passwords, which ... | bookworm, bullseye, buster, sid, trixie |
| py-lmdb | CVE-2019-16224 | An issue was discovered in py-lmdb 0.97. For certain values of md_flag ... | bookworm, bullseye, sid, trixie |
| CVE-2019-16225 | An issue was discovered in py-lmdb 0.97. For certain values of mp_flag ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16226 | An issue was discovered in py-lmdb 0.97. mdb_node_del does not validat ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16227 | An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16228 | An issue was discovered in py-lmdb 0.97. There is a divide-by-zero err ... | bookworm, bullseye, sid, trixie | |
| pypy | CVE-2020-29651 | A denial of service via regular expression in the py.path.svnwc compon ... | bullseye, buster, bookworm, bullseye, buster, sid, trixie |
| python-certifi | CVE-2022-23491 | Certifi is a curated collection of Root Certificates for validating th ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-37920 | Certifi is a curated collection of Root Certificates for validating th ... | bookworm, bullseye, buster, sid, trixie | |
| python-defaults | CVE-2008-4108 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) i ... | bullseye, buster |
| python-django | CVE-2021-32052 | In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 ( ... | buster |
| python-django-celery-results | CVE-2020-17495 | django-celery-results through 1.2.1 stores task results in the databas ... | bookworm, bullseye, buster, sid |
| python-ecdsa | CVE-2024-23342 | The `ecdsa` PyPI package is a pure Python implementation of ECC (Ellip ... | bookworm, bullseye, buster, sid, trixie |
| python-mkdocs | CVE-2021-40978 | The mkdocs 1.2.2 built-in dev-server allows directory traversal using ... | bookworm, bullseye, buster, sid, trixie |
| python-oslo.privsep | CVE-2022-38065 | A privilege escalation vulnerability exists in the oslo.privsep functi ... | bookworm, bullseye, buster, sid, trixie |
| python-pip | CVE-2018-20225 | An issue was discovered in pip (all versions) because it installs the ... | bookworm, bullseye, buster, sid, trixie |
| python-py | CVE-2022-42969 | The py library through 1.11.0 for Python allows remote attackers to co ... | bookworm, bullseye, buster, sid, trixie |
| python-pysaml2 | CVE-2016-10127 | PySAML2 allows remote attackers to conduct XML external entity (XXE) a ... | bookworm, bullseye, buster, sid, trixie |
| python-scrapy | CVE-2017-14158 | Scrapy 1.4 allows remote attackers to cause a denial of service (memor ... | bookworm, bullseye, buster, sid, trixie |
| python2.7 | CVE-2013-7040 | Python 2.7 before 3.4 only uses the last eight bits of the prefix to r ... | bullseye, buster |
| CVE-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ... | bullseye, buster | |
| CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | bullseye, buster | |
| CVE-2019-18348 | An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ... | buster | |
| CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... | bullseye, buster | |
| CVE-2021-28861 | Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | bullseye, buster | |
| python3.7 | CVE-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ... | buster |
| CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | buster | |
| CVE-2019-18348 | An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ... | buster | |
| CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... | buster | |
| CVE-2021-28861 | Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | buster | |
| python3.9 | CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... | bullseye |
| CVE-2021-28861 | Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | bullseye | |
| CVE-2022-37454 | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ... | bullseye | |
| pyyaml | CVE-2017-18342 | In PyYAML before 5.1, the yaml.load() API could execute arbitrary code ... | buster |
| qbittorrent | CVE-2023-30801 | All versions of the qBittorrent client through 4.5.5 use default crede ... | bookworm, bullseye, buster, sid, trixie |
| qemu | CVE-2018-20123 | pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ... | buster |
| CVE-2018-20124 | hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of ... | buster | |
| CVE-2018-20125 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ... | buster | |
| CVE-2018-20126 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ... | buster | |
| CVE-2018-20191 | hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ... | buster | |
| CVE-2018-20216 | QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ... | buster | |
| CVE-2019-12247 | QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files d ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12928 | The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerabl ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-12929 | The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS co ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20175 | An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 ... | buster | |
| CVE-2020-24352 | An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-35414 | softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized r ... | bullseye | |
| qpdf | CVE-2022-34503 | QPDF v8.4.2 was discovered to contain a heap buffer overflow via the f ... | buster |
| qt4-x11 | CVE-2009-3015 | QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ... | buster |
| CVE-2009-3272 | Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ... | buster | |
| TEMP-0560108-565B70 | browser-based css info disclosure | buster | |
| TEMP-0568486-B6FCB6 | browser javascript document.write denial-of-service | buster | |
| qt6-base | CVE-2023-45935 | Qt 6 through 6.6 was discovered to contain a NULL pointer dereference ... | bookworm, sid, trixie, bookworm, bullseye, buster, sid, trixie, bookworm, bullseye, sid, trixie |
| qtdeclarative-opensource-src | CVE-2022-40983 | An integer overflow vulnerability exists in the QML QtScript Reflect A ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-43591 | A buffer overflow vulnerability exists in the QML QtScript Reflect API ... | bookworm, bullseye, buster, sid, trixie | |
| qtdeclarative-opensource-src-gles | CVE-2022-40983 | An integer overflow vulnerability exists in the QML QtScript Reflect A ... | bookworm, bullseye, sid, trixie |
| CVE-2022-43591 | A buffer overflow vulnerability exists in the QML QtScript Reflect API ... | bookworm, bullseye, sid, trixie | |
| qtwebkit | CVE-2015-8079 | qt5-qtwebkit before 5.4 records private browsing URLs to its favicon d ... | buster |
| quagga | CVE-2012-5521 | quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon pe ... | buster |
| qutebrowser | CVE-2020-11054 | In qutebrowser versions less than 1.11.1, reloading a page with certif ... | buster |
| r-cran-readxl | CVE-2021-27836 | An issue was discoverered in in function xls_getWorkSheet in xls.c in ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-38851 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38852 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38853 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38854 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38855 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-38856 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| radsecproxy | CVE-2021-32642 | radsecproxy is a generic RADIUS proxy that supports both UDP and TLS ( ... | buster |
| rails | CVE-2010-3299 | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2011-3187 | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17916 | SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17917 | SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17919 | SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17920 | SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-3704 | A vulnerability classified as problematic has been found in Ruby on Ra ... | bookworm, bullseye, buster, sid, trixie | |
| rbdoom3bfg | CVE-2020-15007 | A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ... | bookworm, bullseye, buster, sid, trixie |
| re2c | CVE-2018-21232 | re2c before 2.0 has uncontrolled recursion that causes stack consumpti ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-23901 | A stack overflow re2c 2.2 exists due to infinite recursion issues in s ... | bullseye, buster | |
| recutils | CVE-2019-6455 | An issue was discovered in GNU Recutils 1.8. There is a double-free pr ... | bookworm, bullseye, buster, sid |
| CVE-2019-6456 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid | |
| CVE-2019-6457 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid | |
| CVE-2019-6458 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid | |
| CVE-2019-6459 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, buster, sid | |
| CVE-2019-6460 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid | |
| CVE-2019-11637 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid | |
| CVE-2019-11638 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, buster, sid | |
| CVE-2019-11639 | An issue was discovered in GNU recutils 1.8. There is a stack-based bu ... | bookworm, bullseye, buster, sid | |
| CVE-2019-11640 | An issue was discovered in GNU recutils 1.8. There is a heap-based buf ... | bookworm, bullseye, buster, sid | |
| CVE-2021-46019 | An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ... | bookworm, bullseye, buster, sid | |
| CVE-2021-46021 | An Use-After-Free vulnerability in rec_record_destroy() at rec-record. ... | bookworm, bullseye, buster, sid | |
| CVE-2021-46022 | An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset ... | bookworm, bullseye, buster, sid | |
| redis | CVE-2020-21468 | A segmentation fault in the redis-server component of Redis 5.0.7 lead ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-3470 | A heap overflow issue was found in Redis in versions before 5.0.10, be ... | buster | |
| CVE-2022-3647 | ** DISPUTED ** A vulnerability, which was classified as problematic, w ... | bookworm, bullseye, buster, sid, trixie | |
| retroarch | CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | bookworm, bullseye, buster, sid, trixie | |
| rhythmbox | CVE-2008-7185 | GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of se ... | bookworm, bullseye, buster, sid, trixie |
| ring | CVE-2022-24786 | PJSIP is a free and open source multimedia communication library writt ... | bullseye, buster |
| CVE-2022-24792 | PJSIP is a free and open source multimedia communication library writt ... | bullseye, buster | |
| CVE-2023-38703 | PJSIP is a free and open source multimedia communication library writt ... | bookworm, bullseye, buster, sid, trixie | |
| rpm | CVE-2010-2198 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2010-2199 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-7500 | It was found that rpm did not properly handle RPM installations when a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-7501 | It was found that versions of rpm before 4.13.0.2 use temporary files ... | bookworm, bullseye, buster, sid, trixie | |
| rsyslog | CVE-2015-3243 | rsyslog uses weak permissions for generating log files, which allows l ... | bookworm, bullseye, buster, sid, trixie |
| rtv | CVE-2017-17516 | scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 d ... | bookworm, bullseye, buster, sid, trixie |
| ruamel.yaml | CVE-2019-20478 | In ruamel.yaml through 0.16.7, the load method allows remote code exec ... | bookworm, bullseye, buster, sid, trixie |
| ruby-handlebars-assets | TEMP-0000000-345A3B | handlebars: quoteless attributes in templates can lead to content injection | bookworm, bullseye, buster, sid, trixie |
| ruby-nokogiri | CVE-2022-29181 | Nokogiri is an open source XML and HTML library for Ruby. Nokogiri pri ... | bullseye, buster |
| ruby-oauth | CVE-2016-11086 | lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ... | bookworm, bullseye, buster, sid, trixie |
| rust-failure | CVE-2020-25575 | An issue was discovered in the failure crate through 0.1.5 for Rust. I ... | bookworm, bullseye, buster, sid, trixie |
| rustc | CVE-2021-42574 | An issue was discovered in the Bidirectional Algorithm in the Unicode ... | bullseye, buster |
| salt | CVE-2021-22004 | An issue was discovered in SaltStack Salt before 3003.3. The salt mini ... | bullseye, buster |
| samba | CVE-2020-27840 | A flaw was found in samba. Spaces used in a string around a domain nam ... | bullseye, buster |
| CVE-2021-20277 | A flaw was found in Samba's libldb. Multiple, consecutive leading spac ... | bullseye, buster | |
| sane-backends | CVE-2023-46047 | An issue in Sane 1.2.1 allows a local attacker to execute arbitrary co ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-46052 | Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c ... | bookworm, bullseye, buster, sid, trixie | |
| schism | CVE-2021-32419 | An issue in Schism Tracker v20200412 fixed in v.20200412 allows attack ... | bullseye, buster |
| scikit-learn | CVE-2020-13092 | scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ... | bookworm, bullseye, buster, sid, trixie |
| scilab | CVE-2019-20005 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-20006 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20007 | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20198 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20199 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20200 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20201 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-20202 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26220 | The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26221 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-26222 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-30485 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31229 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31347 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31348 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-30045 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, buster, sid, trixie | |
| screen | CVE-2023-24626 | socket.c in GNU Screen through 4.9.0, when installed setuid or setgid ... | bookworm, bullseye, buster |
| scummvm | CVE-2017-17528 | backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not valida ... | bookworm, bullseye, buster, sid, trixie |
| seahorse | CVE-2008-7320 | GNOME Seahorse through 3.30 allows physically proximate attackers to r ... | bookworm, bullseye, buster, sid, trixie |
| shadow | CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2013-4235 | shadow: TOCTOU (time-of-check time-of-use) race condition when copying ... | bullseye, buster | |
| CVE-2019-19882 | shadow 4.8, in certain circumstances affecting at least Gentoo, Arch L ... | bookworm, bullseye, buster, sid, trixie | |
| TEMP-0628843-DBAD28 | more related to CVE-2005-4890 | bookworm, bullseye, buster, sid, trixie | |
| shadowsocks-libev | CVE-2019-5152 | An exploitable information disclosure vulnerability exists in the netw ... | bookworm, bullseye, buster, sid |
| sharutils | TEMP-0000000-95CBBF | uudecode: stack out of bounds read access | bookworm, bullseye, buster, sid, trixie |
| shibboleth-sp | CVE-2019-19191 | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ... | bookworm, bullseye, buster, sid, trixie |
| singular | CVE-2022-40299 | In Singular before 4.3.1, a predictable /tmp pathname is used (e.g., b ... | bookworm, bullseye, buster, sid, trixie |
| sipcrack | CVE-2017-11654 | An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-11655 | A memory leak was found in the way SIPcrack 0.2 handled processing of ... | bookworm, bullseye, buster, sid, trixie | |
| slang2 | CVE-2023-45927 | S-Lang 2.3.2 was discovered to contain an arithmetic exception via the ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-45929 | S-Lang 2.3.2 was discovered to contain a segmentation fault via the fu ... | bookworm, bullseye, buster, sid, trixie | |
| sleuthkit | CVE-2018-11737 | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-11738 | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-11739 | An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from re ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-11740 | An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from r ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-14531 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-14532 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-10233 | In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ... | bookworm, bullseye, buster, sid, trixie | |
| slic3r | CVE-2020-28590 | An out-of-bounds read vulnerability exists in the Obj File TriangleMes ... | bookworm, bullseye, buster, sid |
| CVE-2020-28591 | An out-of-bounds read vulnerability exists in the AMF File AMFParserCo ... | buster | |
| CVE-2021-44961 | A memory leakage flaw exists in the class PerimeterGenerator of Slic3r ... | bookworm, bullseye, buster, sid | |
| CVE-2021-44962 | An out-of-bounds read vulnerability exists in the GCode::extrude() fun ... | bookworm, bullseye, buster, sid | |
| CVE-2021-45846 | A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker ... | bookworm, bullseye, buster, sid | |
| CVE-2021-45847 | Several missing input validations in the 3MF parser component of Slic3 ... | bookworm, bullseye, buster, sid | |
| slim | TEMP-0537604-F35BD7 | insecure tmp file vulnerability in slim | bookworm, bullseye, buster, sid, trixie |
| slurm-llnl | CVE-2019-19727 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd ... | buster |
| snakeyaml | CVE-2022-1471 | SnakeYaml's Constructor() class does not restrict types which can be i ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2022-38752 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... | bullseye, buster | |
| CVE-2022-41854 | Those using Snakeyaml to parse untrusted YAML files may be vulnerable ... | bullseye | |
| sngrep | CVE-2023-31981 | Sngrep v1.6.0 was discovered to contain a stack buffer overflow via th ... | bookworm, bullseye, buster |
| CVE-2023-31982 | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ... | bookworm, bullseye, buster | |
| CVE-2023-36192 | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ... | bookworm, bullseye, buster | |
| software-properties | CVE-2020-15709 | Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ... | bookworm, bullseye, buster, sid, trixie |
| sosreport | CVE-2014-0246 | SOSreport stores the md5 hash of the GRUB bootloader password in an ar ... | bookworm, bullseye, buster, sid, trixie |
| sphinxsearch | CVE-2019-14511 | Sphinx Technologies Sphinx 3.1.1 by default has no authentication and ... | buster |
| spice-gtk | CVE-2016-3066 | The spice-gtk widget allows remote authenticated users to obtain infor ... | bookworm, bullseye, buster, sid, trixie |
| spotweb | CVE-2021-40968 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster |
| CVE-2021-40969 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster | |
| CVE-2021-40970 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster | |
| CVE-2021-40971 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster | |
| CVE-2021-40972 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster | |
| CVE-2021-40973 | Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ... | buster | |
| sql-ledger | CVE-2007-0667 | The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2007-1329 | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-1923 | (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2007-5372 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-4077 | The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2008-4078 | SQL injection vulnerability in the AR/AP transaction report in (1) Led ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3580 | Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3581 | Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3582 | Multiple SQL injection vulnerabilities in the delete subroutine in SQL ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3583 | Directory traversal vulnerability in the Preferences menu item in SQL- ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-3584 | SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-4402 | The default configuration of SQL-Ledger 2.8.24 allows remote attackers ... | bookworm, bullseye, buster, sid, trixie | |
| sqlite | CVE-2017-13685 | The dump_callback function in SQLite 3.20.0 allows remote attackers to ... | buster |
| CVE-2021-45346 | A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 an ... | buster | |
| CVE-2022-35737 | SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ... | buster | |
| sqlite3 | CVE-2019-19244 | sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ... | buster |
| CVE-2020-11656 | In SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ... | buster | |
| CVE-2021-36690 | A segmentation fault can occur in the sqlite3.exe command-line compone ... | bullseye, buster | |
| CVE-2021-45346 | A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 an ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-35737 | SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ... | bullseye, buster | |
| sqliteodbc | CVE-2020-12050 | SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ... | bookworm, bullseye, buster, sid, trixie |
| squid | CVE-2019-12522 | An issue was discovered in Squid through 4.7. When Squid is run as roo ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2020-8517 | An issue was discovered in Squid before 4.10. Due to incorrect input v ... | buster | |
| CVE-2020-14058 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due ... | buster | |
| ssmtp | CVE-2004-0423 | The log_event function in ssmtp 2.50.6 and earlier allows local users ... | bookworm, bullseye, sid, trixie |
| CVE-2008-7258 | The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.6 ... | bookworm, bullseye, sid, trixie | |
| stalin | CVE-2015-8697 | stalin 0.11-5 allows local users to write to arbitrary files. | bookworm, bullseye, buster, sid, trixie |
| strongswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, buster, sid, trixie |
| sudo | CVE-2005-1119 | Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-19232 | In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer ... | buster | |
| CVE-2019-19234 | In Sudo through 1.8.29, the fact that a user has been blocked (e.g., b ... | buster | |
| CVE-2021-23240 | selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a loc ... | buster | |
| CVE-2022-43995 | Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains ... | bullseye, buster | |
| supervisor | CVE-2019-12105 | In Supervisor through 4.0.2, an unauthenticated user can read log file ... | bookworm, bullseye, buster, sid, trixie |
| surf | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, buster, sid, trixie |
| svgpp | CVE-2019-6245 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, sid, trixie |
| CVE-2019-6247 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, sid, trixie | |
| swfmill | CVE-2022-36140 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye, buster, sid |
| CVE-2022-36141 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye, buster, sid | |
| CVE-2022-36142 | SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ... | bullseye, buster, sid | |
| CVE-2022-36143 | SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ... | bullseye, buster, sid | |
| CVE-2022-36145 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye, buster, sid | |
| CVE-2022-36146 | SWFMill commit 53d7690 was discovered to contain a memory allocation i ... | bullseye, buster, sid | |
| swi-prolog | CVE-2017-17524 | library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings b ... | bookworm, bullseye, buster, sid, trixie |
| sylpheed | CVE-2007-1267 | Sylpheed 2.2.7 and earlier does not properly use the --status-fd argum ... | bookworm, bullseye, buster, sid |
| CVE-2017-17517 | libsylph/utils.c in Sylpheed through 3.6 does not validate strings bef ... | bookworm, bullseye, buster, sid | |
| systemd | CVE-2013-4392 | systemd, when updating file permissions, allows local users to change ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-20386 | An issue was discovered in button_open in login/logind-button.c in sys ... | buster | |
| CVE-2020-13529 | An exploitable denial-of-service vulnerability exists in Systemd 245. ... | bullseye, buster | |
| CVE-2023-31437 | An issue was discovered in systemd 253. An attacker can modify a seale ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31438 | An issue was discovered in systemd 253. An attacker can truncate a sea ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31439 | An issue was discovered in systemd 253. An attacker can modify the con ... | bookworm, bullseye, buster, sid, trixie | |
| sysvinit | TEMP-0517018-A83CE6 | sysvinit: no-root option in expert installer exposes locally exploitable security flaw | bookworm, bullseye, buster, sid, trixie |
| tar | CVE-2005-2541 | Tar 1.15.1 does not properly warn the user when extracting setuid or s ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-9923 | pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointe ... | buster | |
| CVE-2021-20193 | A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw ... | buster | |
| CVE-2022-48303 | GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ... | buster | |
| TEMP-0290435-0B57B5 | tar's rmt command may have undesired side effects | bookworm, bullseye, buster, sid, trixie | |
| tcc | CVE-2018-20374 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-20375 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-20376 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, buster, sid, trixie | |
| tcl8.6 | CVE-2021-35331 | In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ... | bookworm, bullseye, buster, sid, trixie |
| tcpdump | CVE-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer ... | buster |
| CVE-2018-19519 | In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-1010220 | tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. T ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-1801 | The SMB protocol decoder in tcpdump version 4.99.3 can perform an out- ... | bookworm, bullseye, buster | |
| tcpreplay | CVE-2019-8376 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ... | buster |
| CVE-2019-8377 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ... | buster | |
| CVE-2019-8381 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access o ... | buster | |
| CVE-2020-12740 | tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-rea ... | buster | |
| CVE-2020-18976 | Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial ... | buster | |
| CVE-2020-23273 | Heap-buffer overflow in the randomize_iparp function in edit_packet.c. ... | buster | |
| CVE-2020-24265 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye, buster | |
| CVE-2020-24266 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye, buster | |
| CVE-2021-45386 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | bullseye, buster | |
| CVE-2021-45387 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c ... | bullseye, buster | |
| CVE-2022-25484 | tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet ... | bullseye, buster | |
| CVE-2022-27416 | Tcpreplay v4.4.1 was discovered to contain a double-free via __interce ... | bullseye, buster | |
| CVE-2022-27418 | Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math ... | bullseye, buster | |
| CVE-2022-27939 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_ ... | bullseye, buster | |
| CVE-2022-27940 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bullseye, buster | |
| CVE-2022-27941 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bullseye, buster | |
| CVE-2022-27942 | tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_ ... | bullseye, buster | |
| CVE-2022-28487 | Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ... | bullseye, buster | |
| CVE-2022-37047 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ... | bullseye, buster | |
| CVE-2022-37048 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ... | bullseye, buster | |
| CVE-2022-37049 | The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a ... | bullseye, buster | |
| CVE-2023-4256 | Within tcpreplay's tcprewrite, a double free vulnerability has been id ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-27783 | An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacke ... | bookworm, bullseye, buster | |
| CVE-2023-27784 | An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause ... | bookworm, bullseye, buster | |
| CVE-2023-27785 | An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker t ... | bookworm, bullseye, buster | |
| CVE-2023-27786 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye, buster | |
| CVE-2023-27787 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye, buster | |
| CVE-2023-27788 | An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause ... | bookworm, bullseye, buster | |
| CVE-2023-27789 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye, buster | |
| CVE-2023-43279 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcprepla ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2024-3024 | A vulnerability was found in appneta tcpreplay up to 4.4.4. It has bee ... | bookworm, bullseye, buster, sid, trixie | |
| telegram-desktop | CVE-2018-17231 | Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause ... | bookworm, bullseye, buster, sid |
| CVE-2018-17613 | Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enab ... | bookworm, bullseye, buster, sid | |
| texlive-base | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, trixie |
| texlive-bin | CVE-2016-10243 | TeX Live allows remote attackers to execute arbitrary commands by leve ... | buster |
| CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2019-19601 | OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-33047 | OTFCC v0.10.4 was discovered to contain a heap buffer overflow after f ... | bookworm, sid, trixie | |
| CVE-2022-35021 | OTFCC commit 617837b was discovered to contain a global buffer overflo ... | bookworm, sid, trixie | |
| CVE-2022-35022 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35023 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35024 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35025 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35026 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35027 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35028 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35029 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35030 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35031 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35032 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35034 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35035 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35036 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35037 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35038 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35039 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35040 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35041 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35042 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35043 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35044 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35045 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35046 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35047 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35048 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35049 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35050 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35051 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35052 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35053 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35054 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35055 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35056 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35058 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35059 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35060 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35061 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35062 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35063 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35064 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35065 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35066 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35067 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35068 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35069 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35070 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35447 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35448 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35449 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35450 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35451 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35452 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35453 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35454 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35455 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35456 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35458 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35459 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35460 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35461 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35462 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35463 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35464 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35465 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35466 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35467 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35468 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35469 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35470 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35471 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35472 | OTFCC v0.10.4 was discovered to contain a global overflow via /release ... | bookworm, sid, trixie | |
| CVE-2022-35473 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35474 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35475 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35476 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35477 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35478 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35479 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35481 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35482 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35483 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35484 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35485 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35486 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2023-46048 | Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdi ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-46051 | TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdfte ... | bookworm, bullseye, buster, sid, trixie | |
| thunar | CVE-2018-18398 | Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ... | bookworm, bullseye, buster, sid, trixie |
| TEMP-0517020-915121 | thunar: potential exploits via application launchers | bookworm, bullseye, buster, sid, trixie | |
| tiff | CVE-2017-5563 | LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-9117 | In LibTIFF 4.0.7, the program processes BMP images without verifying t ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-16232 | LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow at ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-17973 | In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writ ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-10126 | LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 fu ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-35521 | A flaw was found in libtiff. Due to a memory allocation failure in tif ... | buster | |
| CVE-2020-35522 | In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A craf ... | buster | |
| CVE-2022-1056 | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers ... | bullseye, buster | |
| CVE-2022-1210 | A vulnerability classified as problematic was found in LibTIFF 4.3.0. ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-2519 | There is a double free or corruption in rotateImage() at tiffcrop.c:88 ... | buster | |
| CVE-2022-2520 | A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion f ... | buster | |
| CVE-2022-2521 | It was found in libtiff 4.4.0rc1 that there is an invalid pointer free ... | buster | |
| CVE-2022-2953 | LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tool ... | buster | |
| CVE-2023-1916 | A flaw was found in tiffcrop, a program distributed by the libtiff pac ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-3164 | A heap-buffer-overflow vulnerability was found in LibTIFF, in extractI ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-6228 | An issue was found in the tiffcp utility distributed by the libtiff pa ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-30775 | A vulnerability was found in the libtiff library. This security flaw c ... | bullseye, buster | |
| tiles | CVE-2023-49735 | ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleRes ... | bookworm, bullseye, buster, sid, trixie |
| timidity | CVE-2017-11549 | The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remot ... | bookworm, bullseye, buster, sid, trixie |
| tin | CVE-2017-17520 | tools/url_handler.pl in TIN 2.4.1 does not validate strings before lau ... | bookworm, bullseye, buster, sid, trixie |
| tinyexr | CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h ... | bookworm, bullseye, sid, trixie |
| tinymux | CVE-2007-1959 | Unspecified vulnerability in the process_cmdent function in command.cp ... | bookworm, bullseye, buster, sid, trixie |
| tinyssh | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in O ... | bookworm, bullseye, buster |
| tinyxml2 | CVE-2018-11210 | TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ... | bookworm, bullseye, buster, sid, trixie |
| tomcat9 | CVE-2021-24122 | When serving resources from a network location using the NTFS file sys ... | buster |
| CVE-2022-34305 | In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 ... | bullseye, buster | |
| tor | CVE-2006-6893 | Tor allows remote attackers to discover the IP address of a hidden ser ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2007-1103 | Tor does not verify a node's uptime and bandwidth advertisements, whic ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2009-0654 | Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attacke ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-8516 | The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2020-15572 | Tor before 0.4.3.6 has an out-of-bounds memory access that allows a re ... | buster | |
| triplea | CVE-2018-1000546 | Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) ... | bookworm, bullseye, sid, trixie |
| trousers | CVE-2020-24330 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster |
| CVE-2020-24331 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster | |
| CVE-2020-24332 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye, buster | |
| u-boot | CVE-2017-3225 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-3226 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18439 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer over ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18440 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overf ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-1000205 | U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ... | bookworm, bullseye, buster, sid, trixie | |
| uclibc | CVE-2017-9728 | In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp f ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-9729 | In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-27419 | uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-arou ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-43523 | In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-29503 | A memory corruption vulnerability exists in the libpthread linuxthread ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2022-30295 | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable D ... | bookworm, bullseye, buster, sid, trixie | |
| uglify-js | CVE-2022-37598 | Prototype pollution vulnerability in function DEFNODE in ast.js in mis ... | bookworm, bullseye, buster, sid, trixie, bullseye, buster, sid, trixie |
| unbound | CVE-2019-18934 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec modul ... | buster |
| CVE-2019-25031 | Unbound before 1.9.5 allows configuration injection in create_unbound_ ... | buster | |
| CVE-2019-25032 | Unbound before 1.9.5 allows an integer overflow in the regional alloca ... | buster | |
| CVE-2019-25033 | Unbound before 1.9.5 allows an integer overflow in the regional alloca ... | buster | |
| CVE-2019-25034 | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dnam ... | buster | |
| CVE-2019-25035 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token ... | buster | |
| CVE-2019-25036 | Unbound before 1.9.5 allows an assertion failure and denial of service ... | buster | |
| CVE-2019-25037 | Unbound before 1.9.5 allows an assertion failure and denial of service ... | buster | |
| CVE-2019-25038 | Unbound before 1.9.5 allows an integer overflow in a size calculation ... | buster | |
| CVE-2019-25039 | Unbound before 1.9.5 allows an integer overflow in a size calculation ... | buster | |
| CVE-2019-25040 | Unbound before 1.9.5 allows an infinite loop via a compressed name in ... | buster | |
| CVE-2019-25041 | Unbound before 1.9.5 allows an assertion failure via a compressed name ... | buster | |
| CVE-2019-25042 | Unbound before 1.9.5 allows an out-of-bounds write via a compressed na ... | buster | |
| unixodbc | CVE-2024-1013 | An out-of-bounds stack write flaw was found in unixODBC on 64-bit arch ... | bookworm, bullseye, buster, sid, trixie |
| unrar-free | CVE-2017-11190 | unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ... | bullseye, buster |
| unzip | CVE-2021-4217 | A flaw was found in unzip. The vulnerability occurs due to improper ha ... | bookworm, bullseye, buster, sid, trixie |
| upx-ucl | CVE-2019-14295 | An Integer overflow in the getElfSections function in p_vmlinx.cpp in ... | buster |
| CVE-2019-14296 | canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause ... | buster | |
| CVE-2019-20021 | A heap-based buffer over-read was discovered in canUnpack in p_mach.cp ... | buster | |
| CVE-2019-20051 | A floating-point exception was discovered in PackLinuxElf::elf_hash in ... | buster | |
| CVE-2019-20053 | An invalid memory address dereference was discovered in the canUnpack ... | buster | |
| CVE-2019-20805 | p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacki ... | buster | |
| CVE-2020-24119 | A heap buffer overflow read was discovered in upx 4.0.0, because the c ... | bullseye, buster | |
| CVE-2020-27787 | A Segmentaation fault was found in UPX in invert_pt_dynamic() function ... | buster | |
| CVE-2020-27788 | An out-of-bounds read access vulnerability was discovered in UPX in Pa ... | buster | |
| CVE-2020-27790 | A floating point exception issue was discovered in UPX in PackLinuxElf ... | buster | |
| CVE-2020-27796 | A heap-based buffer over-read was discovered in the invert_pt_dynamic ... | bullseye, buster | |
| CVE-2020-27797 | An invalid memory address reference was discovered in the elf_lookup f ... | bullseye, buster | |
| CVE-2020-27798 | An invalid memory address reference was discovered in the adjABS funct ... | bullseye, buster | |
| CVE-2020-27799 | A heap-based buffer over-read was discovered in the acc_ua_get_be32 fu ... | bullseye, buster | |
| CVE-2020-27800 | A heap-based buffer over-read was discovered in the get_le32 function ... | bullseye, buster | |
| CVE-2020-27801 | A heap-based buffer over-read was discovered in the get_le64 function ... | bullseye, buster | |
| CVE-2020-27802 | An floating point exception was discovered in the elf_lookup function ... | bullseye, buster | |
| CVE-2021-20285 | A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ... | bullseye, buster | |
| CVE-2021-30500 | Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ... | bullseye, buster | |
| CVE-2021-30501 | An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ... | bullseye, buster | |
| CVE-2021-43311 | A heap-based buffer overflow was discovered in upx, during the generic ... | bullseye, buster | |
| CVE-2021-43312 | A heap-based buffer overflow was discovered in upx, during the variabl ... | bullseye, buster | |
| CVE-2021-43313 | A heap-based buffer overflow was discovered in upx, during the variabl ... | bullseye, buster | |
| CVE-2021-43314 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye, buster | |
| CVE-2021-43315 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye, buster | |
| CVE-2021-43316 | A heap-based buffer overflow was discovered in upx, during the generic ... | bullseye, buster | |
| CVE-2021-43317 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye, buster | |
| CVE-2021-46179 | Reachable Assertion vulnerability in upx before 4.0.0 allows attackers ... | bullseye, buster | |
| CVE-2023-23457 | A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dyn ... | bullseye, buster | |
| util-linux | CVE-2022-0563 | A flaw was found in the util-linux chfn and chsh utilities when compil ... | bookworm, bullseye, buster, sid, trixie |
| uwsgi | CVE-2020-11984 | Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure an ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-36160 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ... | bookworm, bullseye, buster, sid, trixie | |
| v4l2loopback | CVE-2022-2652 | Depending on the way the format strings in the card label are crafted ... | bullseye, buster |
| varnish | CVE-2009-4488 | Varnish 2.0.6 writes data to a log file without sanitizing non-printab ... | bookworm, bullseye, buster, sid, trixie |
| vim | CVE-2008-4677 | autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2017-1000382 | VIM version 8.0.1187 (and other versions most likely) ignores umask wh ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-3236 | vim 8.2.2348 is affected by null pointer dereference, allows local att ... | buster | |
| CVE-2021-3903 | vim is vulnerable to Heap-based Buffer Overflow | bullseye, buster | |
| CVE-2021-3927 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3928 | vim is vulnerable to Use of Uninitialized Variable | bullseye | |
| CVE-2021-3968 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3973 | vim is vulnerable to Heap-based Buffer Overflow | bullseye, buster | |
| CVE-2021-3974 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-3984 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-4069 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-4136 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-4166 | vim is vulnerable to Out-of-bounds Read | bullseye, buster | |
| CVE-2021-4192 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-4193 | vim is vulnerable to Out-of-bounds Read | bullseye | |
| CVE-2022-0156 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2022-0158 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2022-0213 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2022-0318 | Heap-based Buffer Overflow in vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0319 | Out-of-bounds Read in vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0368 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0393 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0407 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0408 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0413 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0443 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0554 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0629 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0685 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0696 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ... | bullseye | |
| CVE-2022-0714 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... | bullseye | |
| CVE-2022-0729 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0943 | Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ... | bullseye | |
| CVE-2022-1154 | Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ... | bullseye | |
| CVE-2022-1420 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-1619 | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ... | bullseye | |
| CVE-2022-1620 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bullseye, buster | |
| CVE-2022-1621 | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim ... | bullseye | |
| CVE-2022-1629 | Buffer Over-read in function find_next_quote in GitHub repository vim/ ... | bullseye, buster | |
| CVE-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bullseye, buster | |
| CVE-2022-1720 | Buffer Over-read in function grab_file_name in GitHub repository vim/v ... | bullseye | |
| CVE-2022-1725 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ... | bullseye, buster | |
| CVE-2022-1733 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... | bullseye, buster | |
| CVE-2022-1735 | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ... | bullseye, buster | |
| CVE-2022-1769 | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | bullseye, buster | |
| CVE-2022-1771 | Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. | bullseye, buster | |
| CVE-2022-1796 | Use After Free in GitHub repository vim/vim prior to 8.2.4979. | bullseye, buster | |
| CVE-2022-1851 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1886 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-1898 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1927 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-1968 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2042 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2124 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2125 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2126 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2175 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2182 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2183 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2206 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2207 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2208 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ... | bullseye, buster | |
| CVE-2022-2210 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2231 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. | bullseye, buster | |
| CVE-2022-2257 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2264 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2284 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2285 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ... | bullseye | |
| CVE-2022-2286 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2287 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2289 | Use After Free in GitHub repository vim/vim prior to 9.0. | bullseye, buster | |
| CVE-2022-2343 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-2344 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-2345 | Use After Free in GitHub repository vim/vim prior to 9.0.0046. | bullseye, buster | |
| CVE-2022-2522 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-2571 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2581 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. | bullseye, buster | |
| CVE-2022-2598 | Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2816 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. | bullseye, buster | |
| CVE-2022-2817 | Use After Free in GitHub repository vim/vim prior to 9.0.0213. | bullseye | |
| CVE-2022-2819 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2845 | Improper Validation of Specified Quantity in Input in GitHub repositor ... | bullseye, buster | |
| CVE-2022-2849 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-2862 | Use After Free in GitHub repository vim/vim prior to 9.0.0221. | bullseye | |
| CVE-2022-2874 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.022 ... | bullseye, buster | |
| CVE-2022-2889 | Use After Free in GitHub repository vim/vim prior to 9.0.0225. | bullseye, buster | |
| CVE-2022-2923 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ... | bullseye, buster | |
| CVE-2022-2946 | Use After Free in GitHub repository vim/vim prior to 9.0.0246. | bullseye | |
| CVE-2022-2980 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.025 ... | bullseye, buster | |
| CVE-2022-2982 | Use After Free in GitHub repository vim/vim prior to 9.0.0260. | bullseye | |
| CVE-2022-3016 | Use After Free in GitHub repository vim/vim prior to 9.0.0286. | bullseye, buster | |
| CVE-2022-3037 | Use After Free in GitHub repository vim/vim prior to 9.0.0322. | bullseye | |
| CVE-2022-3153 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ... | bullseye, buster | |
| CVE-2022-3234 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-3235 | Use After Free in GitHub repository vim/vim prior to 9.0.0490. | bullseye | |
| CVE-2022-3256 | Use After Free in GitHub repository vim/vim prior to 9.0.0530. | bullseye | |
| CVE-2022-3278 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ... | bullseye, buster | |
| CVE-2022-3296 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... | bullseye, buster | |
| CVE-2022-3297 | Use After Free in GitHub repository vim/vim prior to 9.0.0579. | bullseye, buster | |
| CVE-2022-3352 | Use After Free in GitHub repository vim/vim prior to 9.0.0614. | bullseye | |
| CVE-2022-3491 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-3520 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye, buster | |
| CVE-2022-3591 | Use After Free in GitHub repository vim/vim prior to 9.0.0789. | bullseye, buster | |
| CVE-2022-3705 | A vulnerability was found in vim and classified as problematic. Affect ... | bullseye | |
| CVE-2022-4292 | Use After Free in GitHub repository vim/vim prior to 9.0.0882. | bullseye, buster | |
| CVE-2022-4293 | Floating Point Comparison with Incorrect Operator in GitHub repository ... | bullseye, buster | |
| CVE-2022-47024 | A null pointer dereference issue was discovered in function gui_x11_cr ... | bullseye, buster | |
| CVE-2023-0049 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | bullseye, buster | |
| CVE-2023-0051 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye, buster | |
| CVE-2023-0288 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye, buster | |
| CVE-2023-0433 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye, buster | |
| CVE-2023-0512 | Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. | bullseye, buster | |
| CVE-2023-1170 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye, buster | |
| CVE-2023-1264 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.139 ... | bookworm, bullseye, buster | |
| CVE-2023-1355 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.140 ... | bookworm, bullseye, buster | |
| CVE-2023-2609 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.153 ... | bookworm, bullseye, buster | |
| CVE-2023-3896 | Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3 | bookworm, bullseye | |
| CVE-2023-4733 | Use After Free in GitHub repository vim/vim prior to 9.0.1840. | bookworm, bullseye, buster | |
| CVE-2023-4734 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ... | bookworm, bullseye, buster | |
| CVE-2023-4735 | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. | bookworm, bullseye, buster | |
| CVE-2023-4750 | Use After Free in GitHub repository vim/vim prior to 9.0.1857. | bookworm, bullseye, buster | |
| CVE-2023-4751 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bookworm, bullseye, buster | |
| CVE-2023-5441 | NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161a ... | bookworm, bullseye, buster | |
| CVE-2023-5535 | Use After Free in GitHub repository vim/vim prior to v9.0.2010. | bookworm, bullseye, buster | |
| CVE-2023-46246 | Vim is an improved version of the good old UNIX editor Vi. Heap-use-af ... | bookworm, bullseye, buster | |
| CVE-2023-48231 | Vim is an open source command line text editor. When closing a window, ... | bookworm, bullseye, buster | |
| CVE-2023-48232 | Vim is an open source command line text editor. A floating point excep ... | bookworm, bullseye, buster | |
| CVE-2023-48233 | Vim is an open source command line text editor. If the count after the ... | bookworm, bullseye, buster | |
| CVE-2023-48234 | Vim is an open source command line text editor. When getting the count ... | bookworm, bullseye, buster | |
| CVE-2023-48235 | Vim is an open source command line text editor. When parsing relative ... | bookworm, bullseye, buster | |
| CVE-2023-48236 | Vim is an open source command line text editor. When using the z= comm ... | bookworm, bullseye, buster | |
| CVE-2023-48237 | Vim is an open source command line text editor. In affected versions w ... | bookworm, bullseye, buster | |
| CVE-2023-48706 | Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-a ... | bookworm, bullseye, buster | |
| vino | CVE-2011-1164 | Vino before 2.99.4 can connect external networks contrary to the state ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2011-1165 | Vino, possibly before 3.2, does not properly document that it opens po ... | bookworm, bullseye, buster, sid, trixie | |
| vorbis-tools | CVE-2017-11331 | The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-43361 | Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local a ... | bookworm, bullseye, buster, sid, trixie | |
| vte | CVE-2005-0023 | gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to sp ... | bookworm, bullseye, buster, sid, trixie |
| w3m | CVE-2023-38252 | An out-of-bounds read flaw was found in w3m, in the Strnew_size functi ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-38253 | An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str fun ... | bookworm, bullseye, buster, sid, trixie | |
| TEMP-0532514-9137E0 | predictable random number generator used in web browsers | bookworm, bullseye, buster, sid, trixie | |
| wabt | CVE-2022-43280 | wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ... | bullseye, buster |
| CVE-2022-43281 | wasm-interp v1.0.29 was discovered to contain a heap overflow via the ... | bullseye, buster | |
| CVE-2022-43282 | wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ... | bullseye, buster | |
| CVE-2022-43283 | wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write. | bullseye, buster | |
| CVE-2023-27115 | WebAssembly v1.0.29 was discovered to contain a segmentation fault via ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-27116 | WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleT ... | bookworm, bullseye, buster | |
| CVE-2023-27117 | WebAssembly v1.0.29 was discovered to contain a heap overflow via the ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-27119 | WebAssembly v1.0.29 was discovered to contain a segmentation fault via ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-30300 | An issue in the component hang.wasm of WebAssembly 1.0 causes an infin ... | bookworm, bullseye, buster | |
| CVE-2023-31669 | WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dyl ... | bookworm, bullseye, buster | |
| CVE-2023-31670 | An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and ... | bookworm, bullseye, buster | |
| CVE-2023-46331 | WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegm ... | bookworm, bullseye, buster, sid, trixie | |
| wavpack | CVE-2021-44269 | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV f ... | bullseye, buster |
| webkit2gtk | CVE-2023-32409 | The issue was addressed with improved bounds checks. This issue is fix ... | buster |
| wheel | CVE-2022-40898 | An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 ... | bullseye, buster |
| whitedune | CVE-2017-17518 | swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not val ... | bookworm, bullseye, buster, sid |
| whohas | CVE-2021-4258 | A vulnerability was found in whohas. It has been rated as problematic. ... | bookworm, bullseye, buster, sid, trixie |
| wkhtmltopdf | CVE-2022-35583 | wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to g ... | bookworm, bullseye, buster, sid, trixie |
| wordpress | CVE-2006-0733 | Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows rem ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2008-0191 | WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2011-4898 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2011-4899 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2012-0782 | Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup- ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2012-0937 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2012-5868 | WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2013-7233 | Cross-site request forgery (CSRF) vulnerability in the retrospam compo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2017-6514 | WordPress 4.7.2 mishandles listings of post authors, which allows remo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-6389 | In WordPress through 4.9.2, unauthenticated attackers can cause a deni ... | bookworm, bullseye, buster, sid, trixie | |
| wpa | CVE-2017-13084 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-5061 | An exploitable denial-of-service vulnerability exists in the hostapd 2 ... | buster | |
| CVE-2019-5062 | An exploitable denial-of-service vulnerability exists in the 802.11w s ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-30004 | In wpa_supplicant and hostapd 2.9, forging attacks may occur because A ... | bookworm, bullseye, buster, sid, trixie | |
| wpewebkit | CVE-2023-32409 | The issue was addressed with improved bounds checks. This issue is fix ... | bookworm, bullseye |
| xbindkeys-config | CVE-2014-9513 | Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows rem ... | bookworm, bullseye, buster |
| xchat | CVE-2011-5129 | Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote at ... | buster |
| xdg-user-dirs | CVE-2017-15131 | It was found that system umask policy is not being honored when creati ... | bookworm, bullseye, buster, sid, trixie |
| xen | CVE-2014-9066 | Xen 4.4.x and earlier, when using a large number of VCPUs, does not pr ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-28689 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests ... | bookworm, bullseye, buster, sid, trixie | |
| xerces-c | CVE-2012-0880 | Apache Xerces-C++ allows remote attackers to cause a denial of service ... | bookworm, bullseye, buster, sid, trixie |
| xfig | CVE-2009-4228 | Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-45920 | Xfig v3.2.8 was discovered to contain a NULL pointer dereference when ... | bookworm, bullseye, buster | |
| xloadimage | CVE-2006-4484 | Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in ... | bookworm, bullseye, buster, sid, trixie |
| xorg-server | CVE-2022-3553 | A vulnerability, which was classified as problematic, was found in X.o ... | bullseye, buster |
| CVE-2024-31082 | A heap-based buffer over-read vulnerability was found in the X.org ser ... | buster | |
| xpdf | CVE-2010-0206 | xpdf allows remote attackers to cause a denial of service (NULL pointe ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2010-0207 | In xpdf, the xref table contains an infinite loop which allows remote ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7173 | A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7174 | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7175 | An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7452 | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7453 | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7454 | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-7455 | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8100 | The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8101 | The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8102 | The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8103 | The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8104 | The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8105 | The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8106 | The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-8107 | The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-11033 | The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-16368 | SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-16369 | XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18454 | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18455 | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18456 | The function Object::isName() in Object.h (called from Gfx::opSetFillC ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18457 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18458 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2018-18459 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, buster, sid, trixie | |
| xserver-xorg-video-nouveau | CVE-2018-3979 | A remote denial-of-service vulnerability exists in the way the Nouveau ... | bookworm, bullseye, buster, sid, trixie |
| xterm | CVE-2006-4447 | X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2023-40359 | xterm before 380 supports ReGIS reporting for character-set names even ... | bookworm, bullseye, buster | |
| yabasic | CVE-2019-19720 | Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2019-19796 | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in functio ... | bookworm, bullseye, buster, sid, trixie | |
| yara | CVE-2019-19648 | In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ... | bookworm, bullseye, buster, sid, trixie |
| yasm | CVE-2021-33454 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2021-33455 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33456 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33457 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33458 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33459 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33460 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33461 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33462 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33463 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33465 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33466 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33467 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2021-33468 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-29580 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-29581 | yasm 1.3.0.55.g101bc has a segmentation violation in the function dele ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-29582 | yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-29583 | yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-30402 | YASM v1.3.0 was discovered to contain a heap overflow via the function ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31723 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31724 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31725 | yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free v ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31972 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31973 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31974 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-31975 | yasm v1.3.0 was discovered to contain a memory leak via the function y ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-37732 | Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-49554 | Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote at ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-49555 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-49556 | Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote a ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-49557 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-49558 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, buster, sid, trixie | |
| CVE-2023-51258 | A memory leak issue discovered in YASM v.1.3.0 allows a local attacker ... | bookworm, bullseye, buster, sid, trixie | |
| yaws | CVE-2009-4495 | Yaws 1.85 writes data to a log file without sanitizing non-printable c ... | bookworm, bullseye, buster, sid, trixie |
| yum | CVE-2013-1910 | yum does not properly handle bad metadata, which allows an attacker to ... | buster |
| zabbix | CVE-2023-29453 | Templates do not properly consider backticks (`) as Javascript string ... | bookworm, bullseye, buster |
| zangband | CVE-2021-40589 | ZAngband zangband-data 2.7.5 is affected by an integer underflow vulne ... | bookworm, bullseye, buster, sid, trixie |
| zeek | CVE-2021-41732 | An issue was discovered in zeek version 4.1.0. There is a HTTP request ... | sid |
| zim | CVE-2020-10870 | Zim through 0.72.1 creates temporary directories with predictable name ... | buster |
| zip | CVE-2018-13410 | Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, a ... | bookworm, bullseye, buster, sid, trixie |
| zoneminder | CVE-2019-7350 | Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ... | bookworm, bullseye, sid |
| CVE-2019-7351 | Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ... | bookworm, bullseye, sid | |
| CVE-2019-8423 | ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ... | bookworm, bullseye, sid | |
| CVE-2019-8425 | includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ... | bookworm, bullseye, sid | |
| CVE-2019-8427 | daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ... | bookworm, bullseye, sid | |
| CVE-2019-8429 | ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ... | bookworm, bullseye, sid | |
| CVE-2022-1726 | Bootstrap Tables XSS vulnerability with Table Export plug-in when expo ... | bookworm, bullseye, sid | |
| CVE-2022-29806 | ZoneMinder before 1.36.13 allows remote code execution via an invalid ... | bullseye | |
| CVE-2022-30768 | A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows ... | bookworm, bullseye, sid | |
| CVE-2022-30769 | Session fixation exists in ZoneMinder through 1.36.12 as an attacker c ... | bookworm, bullseye, sid | |
| CVE-2022-39285 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39289 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39290 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39291 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-25825 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26032 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26034 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26035 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26036 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26037 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26038 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26039 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| zoph | CVE-2014-9235 | Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Pho ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2014-9236 | Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zop ... | bookworm, bullseye, buster, sid, trixie | |
| zziplib | CVE-2018-6542 | In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ... | bookworm, bullseye, buster, sid, trixie |
| CVE-2018-7727 | An issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ... | bookworm, bullseye, buster, sid, trixie | |
| zziplib | CVE-2018-17828 | Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ... | bookworm, bullseye, buster, sid, trixie |