debian debian linux 10.0 vulnerabilities and exploits

(subscribe to this query)

6.5

CVSSv3

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver...

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

5.5

CVSSv3

An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c....

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

5.5

CVSSv3

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash....

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.01 Github repository available

3.3

CVSSv3

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function....

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0

4.7

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs....

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

7.8

CVSSv3

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation....

Debian X11-common Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

3.7

CVSSv3

** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot...

Openbsd Openssh Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.04 Github repositories available

6.5

CVSSv3

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path....

Python Pillow Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.01 Github repository available

5.9

CVSSv3

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011....

Gnome Grilo Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

7.5

CVSSv3

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. (Only versions after 2.0.5a are affected.)...

Inverse Sogo Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook