Total
9169 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24370 | 3 Debian, Fedoraproject, Lua | 3 Debian Linux, Fedora, Lua | 2025-05-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). | |||||
| CVE-2021-38160 | 4 Debian, Linux, Netapp and 1 more | 9 Debian Linux, Linux Kernel, Element Software and 6 more | 2025-05-05 | 7.2 HIGH | 7.8 HIGH |
| In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior | |||||
| CVE-2023-45871 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-05 | N/A | 7.5 HIGH |
| An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. | |||||
| CVE-2022-43253 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43252 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43250 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43249 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43248 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43238 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43237 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43236 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43235 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2021-37789 | 2 Debian, Stb Project | 2 Debian Linux, Stb | 2025-05-02 | N/A | 8.1 HIGH |
| stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. | |||||
| CVE-2022-44638 | 3 Debian, Fedoraproject, Pixman | 3 Debian Linux, Fedora, Pixman | 2025-05-02 | N/A | 8.8 HIGH |
| In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. | |||||
| CVE-2022-40284 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2025-05-02 | N/A | 7.8 HIGH |
| A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. | |||||
| CVE-2021-34055 | 2 Debian, Jhead Project | 2 Debian Linux, Jhead | 2025-05-02 | N/A | 7.8 HIGH |
| jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u. | |||||
| CVE-2024-26744 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-02 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. The current behavior is that setting that parameter while loading the ib_srpt kernel module triggers the following kernel crash: BUG: kernel NULL pointer dereference, address: 0000000000000000 Call Trace: <TASK> parse_one+0x18c/0x1d0 parse_args+0xe1/0x230 load_module+0x8de/0xa60 init_module_from_file+0x8b/0xd0 idempotent_init_module+0x181/0x240 __x64_sys_finit_module+0x5a/0xb0 do_syscall_64+0x5f/0xe0 entry_SYSCALL_64_after_hwframe+0x6e/0x76 | |||||
| CVE-2024-37384 | 2 Debian, Roundcube | 2 Debian Linux, Webmail | 2025-05-01 | N/A | 6.1 MEDIUM |
| Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences. | |||||
| CVE-2023-5472 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-01 | N/A | 8.8 HIGH |
| Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-5476 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-01 | N/A | 8.8 HIGH |
| Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||