debian debian linux 1.1 vulnerabilities and exploits
505
VMScore
CVE-2018-14912
cgit_clone_objects in CGit prior to 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Cgit Project Cgit
Debian Debian Linux 9.0
Debian Debian Linux 8.0
1 EDB exploit
668
VMScore
CVE-2014-9746
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType prior to 2.5.4 do not check return values, wh...
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
605
VMScore
CVE-2017-14151
An off-by-one error exists in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_...
Uclouvain Openjpeg 2.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
605
VMScore
CVE-2017-14152
A mishandled zero case exists in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c and opj...
Uclouvain Openjpeg 2.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2018-14423
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
Debian Debian Linux 9.0
Debian Debian Linux 8.0
NA
CVE-2023-38802
FRRouting FRR 7.5.1 up to and including 9.0 and Pica8 PICOS 4.3.3.2 allow a remote malicious user to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
Frrouting Frrouting
Pica8 Picos 4.3.3.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
320
VMScore
CVE-2021-41136
Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the p...
Puma Puma
Debian Debian Linux 10.0
Debian Debian Linux 11.0
383
VMScore
CVE-2018-18088
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c.
Uclouvain Openjpeg 2.3.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
445
VMScore
CVE-2018-6519
The SAML2 library prior to 1.10.4, 2.x prior to 2.3.5, and 3.x prior to 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.
Simplesamlphp Saml2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
446
VMScore
CVE-2021-27291
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a ...
Pygments Pygments
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33