debian debian linux 12.0 vulnerabilities and exploits

(subscribe to this query)

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race ...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 12.0

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0 Debian Debian Linux 12.0

A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0 Debian Debian Linux 12.0

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local malicious user to crash the system or leak kernel internal information.

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0 Debian Debian Linux 12.0

Shibboleth XMLTooling prior to 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)

Shibboleth Xmltooling Debian Debian Linux 11.0 Debian Debian Linux 12.0

The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatc...

Mozilla Thunderbird Debian Debian Linux 11.0 Debian Debian Linux 12.0

When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signe...

Mozilla Thunderbird Debian Debian Linux 11.0 Debian Debian Linux 12.0

Heap buffer overflow in Mojom IDL in Google Chrome before 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Google Chrome Debian Debian Linux 11.0 Debian Debian Linux 12.0

Use after free in Media in Google Chrome before 114.0.5735.198 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Google Chrome Debian Debian Linux 11.0 Debian Debian Linux 12.0

Incorrect security UI in BFCache in Google Chrome before 116.0.5845.179 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

Google Chrome Debian Debian Linux 11.0 Debian Debian Linux 12.0

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook