Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-46955 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. | 5.5 |
| 2024-10-03 | CVE-2024-8508 | Improper Validation of Specified Quantity in Input vulnerability in multiple products NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. | 5.3 |
| 2024-06-11 | CVE-2024-5690 | Information Exposure Through Discrepancy vulnerability in multiple products By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. | 4.3 |
| 2024-06-07 | CVE-2024-37383 | Cross-site Scripting vulnerability in multiple products Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. | 6.1 |
| 2024-05-30 | CVE-2024-36941 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | 5.5 |
| 2024-05-30 | CVE-2024-36954 | Memory Leak vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path. | 5.5 |
| 2024-05-19 | CVE-2024-35922 | Divide By Zero vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. | 5.5 |
| 2024-05-19 | CVE-2024-35925 | Divide By Zero vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. | 5.5 |
| 2024-05-19 | CVE-2024-35930 | Memory Leak vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. | 5.5 |
| 2024-05-19 | CVE-2024-35933 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue. | 5.5 |