List of all vulnerabilities

Report a vulnerability
CVE-2023-6918 – Libssh: missing checks for return values for digests
12/18/2023
Affected packages: libssh
Low severity
CVE-2023-6817 – Use-after-free in Linux kernel's netfilter: nf_tables component
12/18/2023
Affected packages: albatross • cdrom • conf-bpftool • conf-libbpf • conf-linux-libc-dev • core • core_unix • hvsock • mirage-block-unix • mm ... (27)
High severity
CVE-2023-47038 – Perl: write past buffer end via illegal user-defined unicode property
12/18/2023
Affected packages: bap-std • conf-perl • goblint-cil
High severity
CVE-2023-47038 – Perl: write past buffer end via illegal user-defined unicode property
12/18/2023
Affected packages: bap-std • conf-perl • goblint-cil
High severity
CVE-2023-48795
12/18/2023
Affected packages: libssh
Medium severity
CVE-2023-48795
12/18/2023
Affected packages: libssh
Medium severity
CVE-2023-50268 – jq has stack-based buffer overflow in decNaNs
12/13/2023
Affected packages: conf-jq • travis-opam
Medium severity
CVE-2023-50246 – jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
12/13/2023
Affected packages: conf-jq • travis-opam
Medium severity
CVE-2023-49355
12/11/2023
Affected packages: conf-jq • travis-opam
High severity
CVE-2023-5870 – Postgresql: role pg_signal_backend can signal certain superuser processes.
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
Low severity
CVE-2023-5870 – Postgresql: role pg_signal_backend can signal certain superuser processes.
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
Low severity
CVE-2023-5868 – Postgresql: memory disclosure in aggregate function calls
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
Medium severity
CVE-2023-5868 – Postgresql: memory disclosure in aggregate function calls
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
Medium severity
CVE-2023-5869 – Postgresql: buffer overrun from integer overflow in array modification
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
High severity
CVE-2023-5869 – Postgresql: buffer overrun from integer overflow in array modification
12/10/2023
Affected packages: conf-mingw-w64-postgresql-i686 • conf-mingw-w64-postgresql-x86_64 • conf-postgresql • ocsigen-start • postgresql
High severity
CVE-2023-50431
12/9/2023
Affected packages: albatross • cdrom • conf-bpftool • conf-libbpf • conf-linux-libc-dev • core • core_unix • hvsock • mirage-block-unix • mm ... (27)
Unknown severity
CVE-2023-6560 – Kernel: io_uring out of boundary memory access in __io_uaddr_map()
12/8/2023
Affected packages: albatross • cdrom • conf-bpftool • conf-libbpf • conf-linux-libc-dev • core • core_unix • hvsock • mirage-block-unix • mm ... (27)
Medium severity
CVE-2023-6507 – Groups not dropped before running subprocess when using empty 'extra_groups' parameter
12/8/2023
Affected packages: conf-python-2-7 • conf-python-2-7-dev • conf-python-3 • conf-python-3-7 • conf-python-3-dev • py • termbox ... (7)
Medium severity
CVE-2023-6622 – Kernel: null pointer dereference vulnerability in nft_dynset_init()
12/8/2023
Affected packages: albatross • cdrom • conf-bpftool • conf-libbpf • conf-linux-libc-dev • core • core_unix • hvsock • mirage-block-unix • mm ... (27)
Medium severity
CVE-2023-6622 – Kernel: null pointer dereference vulnerability in nft_dynset_init()
12/8/2023
Affected packages: albatross • cdrom • conf-bpftool • conf-libbpf • conf-linux-libc-dev • core • core_unix • hvsock • mirage-block-unix • mm ... (27)
Medium severity