Vulmon
debian debian linux 11.0 vulnerabilities and exploits
7.8
CVE-2022-42332
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
6.5
CVE-2022-42334
x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.6
CVE-2022-42333
x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to...
Xen Xen
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
9.8
CVE-2023-27372
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1....
Spip Spip 4.2.0
Spip Spip
Debian Debian Linux 11.0
7.5
CVE-2023-23916
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of...
Haxx Curl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVE-2023-23009
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length....
Libreswan Libreswan 4.9
Debian Debian Linux 11.0
9.8
CVE-2022-48337
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *"...
Gnu Emacs
Debian Debian Linux 11.0
9.1
CVE-2023-25725
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP...
Haproxy Haproxy
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories available
7.5
CVE-2023-22795
A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version...
Actionpack Project Actionpack
Debian Debian Linux 11.0
1 Github repository available
5.7
CVE-2022-47951
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific...
Openstack Nova
Openstack Glance
Openstack Cinder
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository available