Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
9125 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12197 | 3 Debian, Libpam4j Project, Redhat | 5 Debian Linux, Libpam4j, Enterprise Linux and 2 more | 2024-11-21 | N/A |
| It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. | ||||
| CVE-2017-12187 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12186 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12185 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12184 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12183 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12182 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12181 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12180 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12179 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12178 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12177 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12176 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | N/A |
| xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||||
| CVE-2017-12163 | 3 Debian, Redhat, Samba | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | N/A |
| An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. | ||||
| CVE-2017-12151 | 4 Debian, Hp, Redhat and 1 more | 9 Debian Linux, Cifs Server, Enterprise Linux and 6 more | 2024-11-21 | N/A |
| A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. | ||||
| CVE-2017-12150 | 3 Debian, Redhat, Samba | 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | 7.4 High |
| It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | ||||
| CVE-2017-12122 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2024-11-21 | 8.8 High |
| An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | ||||
| CVE-2017-12105 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | ||||
| CVE-2017-12104 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | ||||
| CVE-2017-12103 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 7.8 High |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | ||||