Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2024-12-12 CVE-2024-47606 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
GStreamer is a library for constructing graphs of media-handling components.
network
low complexity
gstreamer-project debian CWE-191
critical
9.8
2024-11-10 CVE-2024-46952 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian CWE-120
7.8
2024-11-10 CVE-2024-46953 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-190
7.8
2024-11-10 CVE-2024-46955 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
5.5
2024-11-10 CVE-2024-46956 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
7.8
2024-11-10 CVE-2024-46951 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-824
7.8
2024-10-09 CVE-2024-9680 Use After Free vulnerability in multiple products
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.
network
low complexity
mozilla debian CWE-416
critical
9.8
2024-10-03 CVE-2024-8508 Improper Validation of Specified Quantity in Input vulnerability in multiple products
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for.
network
low complexity
nlnetlabs debian CWE-1284
5.3
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2024-06-28 CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
network
low complexity
mit debian
critical
9.1