Debian: >> Debian Linux Security Vulnerabilities
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.
CVSS Score
7.4
EPSS Score
0.001
Published
2022-09-01
Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
CVSS Score
6.5
EPSS Score
0.001
Published
2022-08-31
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-08-31
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-08-31
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
CVSS Score
7.0
EPSS Score
0.0
Published
2022-08-31