Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-46952 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46953 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46956 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46951 | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-10-15 | CVE-2024-41311 | Out-of-bounds Write vulnerability in multiple products In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | 8.1 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-06-05 | CVE-2024-5629 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. | 8.1 |
| 2024-06-03 | CVE-2024-36960 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure instead of to the drm_vmw_event_fence which is supposed to be read. | 7.1 |
| 2024-05-30 | CVE-2024-36940 | Double Free vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well. | 7.8 |
| 2024-05-22 | CVE-2024-4453 | Integer Overflow or Wraparound vulnerability in multiple products GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. | 7.8 |