Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-46955 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. | 5.5 |
| 2024-11-10 | CVE-2024-46956 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46951 | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-10-15 | CVE-2024-41311 | Out-of-bounds Write vulnerability in multiple products In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | 8.1 |
| 2024-10-09 | CVE-2024-9680 | Use After Free vulnerability in multiple products An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. | 9.8 |
| 2024-10-03 | CVE-2024-8508 | Improper Validation of Specified Quantity in Input vulnerability in multiple products NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. | 5.3 |
| 2024-07-11 | CVE-2024-6531 | Cross-site Scripting vulnerability in multiple products A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. | 6.1 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-06-28 | CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | 9.1 |
| 2024-06-11 | CVE-2024-5690 | Information Exposure Through Discrepancy vulnerability in multiple products By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. | 4.3 |