debian debian linux 11.0 vulnerabilities and exploits

(subscribe to this query)

4.7

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs....

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

6.5

CVSSv3

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver...

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

5.5

CVSSv3

An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c....

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

7.5

CVSSv3

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. (Only versions after 2.0.5a are affected.)...

Inverse Sogo Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

5.9

CVSSv3

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011....

Gnome Grilo Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0

3.7

CVSSv3

** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot...

Openbsd Openssh Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.04 Github repositories available

6.5

CVSSv3

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path....

Python Pillow Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 11.01 Github repository available

8.8

CVSSv3

Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....

Google Chrome Debian Debian Linux 10.0 Debian Debian Linux 11.0

6.5

CVSSv3

Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page....

Google Chrome Debian Debian Linux 10.0 Debian Debian Linux 11.0

8.8

CVSSv3

Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets....

Google Chrome Debian Debian Linux 10.0 Debian Debian Linux 11.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook