CVEdetails.com the ultimate security vulnerability data source

Debian » Debian Linux : Security Vulnerabilities (CVSS score between 5 and 5.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-35410 22 Dir. Trav. +Info 2022-07-08 2022-07-20
5.0
None Remote Low Not required Partial None None
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
2 CVE-2022-34903 74 2022-07-01 2022-09-09
5.8
None Remote Medium Not required Partial Partial None
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
3 CVE-2022-32091 416 2022-07-01 2022-12-07
5.0
None Remote Low Not required None None Partial
MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
4 CVE-2022-32088 2022-07-01 2022-10-26
5.0
None Remote Low Not required None None Partial
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.
5 CVE-2022-32087 2022-07-01 2022-10-26
5.0
None Remote Low Not required None None Partial
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.
6 CVE-2022-32085 2022-07-01 2022-10-26
5.0
None Remote Low Not required None None Partial
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.
7 CVE-2022-32084 2022-07-01 2022-12-07
5.0
None Remote Low Not required None None Partial
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.
8 CVE-2022-32083 2022-07-01 2022-10-25
5.0
None Remote Low Not required None None Partial
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.
9 CVE-2022-31291 415 2022-06-16 2023-02-03
5.0
None Remote Low Not required None None Partial
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
10 CVE-2022-31088 74 2022-06-27 2022-07-07
5.0
None Remote Low Not required Partial None None
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0.
11 CVE-2022-31043 200 +Info 2022-06-10 2022-12-03
5.0
None Remote Low Not required Partial None None
Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Authorization` header on. This is much the same as to how we don't forward on the header if the host changes. Prior to this fix, `https` to `http` downgrades did not result in the `Authorization` header being removed, only changes to the host. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach which would be to use their own redirect middleware. Alternately users may simply disable redirects altogether if redirects are not expected or required.
12 CVE-2022-31042 200 +Info 2022-06-10 2022-12-03
5.0
None Remote Low Not required Partial None None
Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server which responds with a redirect to a URI to a different host, we should not forward the `Cookie` header on. Prior to this fix, only cookies that were managed by our cookie middleware would be safely removed, and any `Cookie` header manually added to the initial request would not be stripped. We now always strip it, and allow the cookie middleware to re-add any cookies that it deems should be there. Affected Guzzle 7 users should upgrade to Guzzle 7.4.4 as soon as possible. Affected users using any earlier series of Guzzle should upgrade to Guzzle 6.5.7 or 7.4.4. Users unable to upgrade may consider an alternative approach to use your own redirect middleware, rather than ours. If you do not require or expect redirects to be followed, one should simply disable redirects altogether.
13 CVE-2022-31002 125 2022-05-31 2022-11-16
5.0
None Remote Low Not required None None Partial
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.
14 CVE-2022-31001 125 2022-05-31 2022-11-16
5.0
None Remote Low Not required None None Partial
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue.
15 CVE-2022-30293 787 Overflow 2022-05-06 2022-10-14
5.1
None Remote High Not required Partial Partial Partial
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
16 CVE-2022-29970 22 Dir. Trav. 2022-05-02 2022-11-16
5.0
None Remote Low Not required Partial None None
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
17 CVE-2022-29885 400 2022-05-12 2022-11-08
5.0
None Remote Low Not required None None Partial
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.
18 CVE-2022-29536 787 Overflow 2022-04-20 2022-10-05
5.0
None Remote Low Not required None None Partial
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
19 CVE-2022-29458 125 2022-04-18 2022-11-08
5.8
None Remote Medium Not required Partial None Partial
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
20 CVE-2022-29248 200 +Info 2022-05-25 2022-12-03
5.8
None Remote Medium Not required Partial Partial None
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with ['cookies' => true] are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. As a workaround, turn off the cookie middleware.
21 CVE-2022-27782 295 2022-06-02 2023-01-05
5.0
None Remote Low Not required None Partial None
libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and SSH settings were left out from the configuration match checks, making them match too easily.
22 CVE-2022-27781 835 2022-06-02 2023-01-05
5.0
None Remote Low Not required None None Partial
libcurl provides the `CURLOPT_CERTINFO` option to allow applications to request details to be returned about a server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information.
23 CVE-2022-27775 2022-06-02 2023-01-05
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: by using an IPv6 address that was in the connection pool but with a different zone id, it could reuse a connection instead.
24 CVE-2022-27458 416 2022-04-14 2022-10-08
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h.
25 CVE-2022-27456 416 2022-04-14 2022-10-08
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component VDec::VDec at /sql/sql_type.cc.
26 CVE-2022-27452 2022-04-14 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.
27 CVE-2022-27449 2022-04-14 2022-10-07
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.
28 CVE-2022-27448 617 2022-04-14 2022-10-08
5.0
None Remote Low Not required None None Partial
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.
29 CVE-2022-27447 416 2022-04-14 2022-10-08
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.
30 CVE-2022-27445 2022-04-14 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc.
31 CVE-2022-27387 120 Overflow 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
32 CVE-2022-27386 89 Sql 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
33 CVE-2022-27384 89 DoS Sql 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
34 CVE-2022-27383 416 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.6 and below was discovered to contain a use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements.
35 CVE-2022-27381 89 DoS Sql 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
36 CVE-2022-27380 89 DoS Sql 2022-04-12 2022-11-08
5.0
None Remote Low Not required None None Partial
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
37 CVE-2022-27379 89 DoS Sql 2022-04-12 2022-10-08
5.0
None Remote Low Not required None None Partial
An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
38 CVE-2022-27378 89 DoS Sql 2022-04-12 2022-10-08
5.0
None Remote Low Not required None None Partial
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
39 CVE-2022-27377 416 2022-04-12 2022-10-08
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.
40 CVE-2022-27376 416 2022-04-12 2022-09-29
5.0
None Remote Low Not required None None Partial
MariaDB Server v10.6.5 and below was discovered to contain a use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.
41 CVE-2022-26847 200 +Info 2022-03-10 2022-03-18
5.0
None Remote Low Not required Partial None None
SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects.
42 CVE-2022-26662 776 2022-03-10 2022-03-18
5.0
None Remote Low Not required None None Partial
An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.
43 CVE-2022-26498 400 2022-04-15 2023-01-27
5.0
None Remote Low Not required None None Partial
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
44 CVE-2022-26353 772 Exec Code 2022-03-16 2023-02-02
5.0
None Remote Low Not required None None Partial
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage, use-after-free or other unexpected results. A malicious privileged guest could exploit this issue to crash QEMU or potentially execute arbitrary code within the context of the QEMU process on the host.
45 CVE-2022-25647 502 2022-05-01 2022-11-28
5.0
None Remote Low Not required None None Partial
The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
46 CVE-2022-25314 190 Overflow 2022-02-18 2022-10-05
5.0
None Remote Low Not required None None Partial
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
47 CVE-2022-24921 400 2022-03-05 2022-11-09
5.0
None Remote Low Not required None None Partial
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.
48 CVE-2022-24884 347 2022-05-06 2022-05-16
5.0
None Remote Low Not required None Partial None
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable.
49 CVE-2022-24836 400 2022-04-11 2022-12-21
5.0
None Remote Low Not required None None Partial
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue.
50 CVE-2022-24790 444 2022-03-30 2022-10-12
5.0
None Remote Low Not required None Partial None
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The vulnerability has been fixed in 5.6.4 and 4.3.12. Users are advised to upgrade as soon as possible. Workaround: when deploying a proxy in front of Puma, turn on any and all functionality to make sure that the request matches the RFC7230 standard.
Total number of vulnerabilities: 1514 (this is page 1 of 31)