Debian: >> Debian Linux >> 9.0 Security Vulnerabilities
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-20
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-09-20
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-09-19
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-16
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-16