Filtered by vendor Debian
Subscribe
Total
9011 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39261 | 4 Debian, Drupal, Fedoraproject and 1 more | 4 Debian Linux, Drupal, Fedora and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a user input. It is possible to use the `source` or `include` statement to read arbitrary files from outside the templates' directory when using a namespace like `@somewhere/../some.file`. In such a case, validation is bypassed. Versions 1.44.7, 2.15.3, and 3.4.3 contain a fix for validation of such template names. There are no known workarounds aside from upgrading. | |||||
| CVE-2022-39260 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Xcode, Debian Linux, Fedora and 1 more | 2024-11-21 | N/A | 8.5 HIGH |
| Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround. | |||||
| CVE-2022-39253 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Xcode, Debian Linux, Fedora and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`. | |||||
| CVE-2022-39190 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | |||||
| CVE-2022-39188 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A | 4.7 MEDIUM |
| An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | |||||
| CVE-2022-39177 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
| BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | |||||
| CVE-2022-39176 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
| BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | |||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | |||||
| CVE-2022-38866 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38865 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38864 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. | |||||
| CVE-2022-38863 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. | |||||
| CVE-2022-38861 | 2 Debian, Mplayerhq | 2 Debian Linux, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. | |||||
| CVE-2022-38860 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38858 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38855 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38851 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | |||||
| CVE-2022-38850 | 2 Debian, Mplayerhq | 2 Debian Linux, Mencoder | 2024-11-21 | N/A | 5.5 MEDIUM |
| The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c. | |||||
| CVE-2022-38784 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2024-11-21 | N/A | 7.8 HIGH |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | |||||
| CVE-2022-38751 | 2 Debian, Snakeyaml Project | 2 Debian Linux, Snakeyaml | 2024-11-21 | N/A | 6.5 MEDIUM |
| Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. | |||||