Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-10 CVE-2024-46952 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian CWE-120
7.8
2024-11-10 CVE-2024-46953 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-190
7.8
2024-11-10 CVE-2024-46956 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
7.8
2024-11-10 CVE-2024-46951 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-824
7.8
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2024-06-05 CVE-2024-5629 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
network
low complexity
mongodb debian CWE-125
8.1
2024-05-22 CVE-2024-4453 Integer Overflow or Wraparound vulnerability in multiple products
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability.
local
low complexity
gstreamer-project debian CWE-190
7.8
2024-02-23 CVE-2024-26598 Use After Free vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command.
local
low complexity
linux debian CWE-416
7.8
2024-02-20 CVE-2024-1552 Incorrect Conversion between Numeric Types vulnerability in multiple products
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.
network
low complexity
mozilla debian CWE-681
7.5
2024-02-13 CVE-2024-24814 mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality.
network
low complexity
openidc debian fedoraproject
7.5