Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
9159 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12936 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | ||||
| CVE-2017-9989 | 2 Debian, Libming | 2 Debian Linux, Libming | 2025-04-20 | N/A |
| util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. | ||||
| CVE-2017-9776 | 3 Debian, Freedesktop, Redhat | 9 Debian Linux, Poppler, Enterprise Linux and 6 more | 2025-04-20 | N/A |
| Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | ||||
| CVE-2017-9992 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-04-20 | N/A |
| Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2017-9330 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 5.6 Medium |
| QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. | ||||
| CVE-2014-4914 | 2 Debian, Zend | 2 Debian Linux, Zend Framework | 2025-04-20 | N/A |
| The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. | ||||
| CVE-2017-2518 | 2 Apple, Debian | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. | ||||
| CVE-2016-0762 | 6 Apache, Canonical, Debian and 3 more | 16 Tomcat, Ubuntu Linux, Debian Linux and 13 more | 2025-04-20 | 5.9 Medium |
| The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. | ||||
| CVE-2017-9868 | 2 Debian, Eclipse | 2 Debian Linux, Mosquitto | 2025-04-20 | N/A |
| In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information. | ||||
| CVE-2016-1254 | 5 Debian, Fedoraproject, Opensuse and 2 more | 6 Debian Linux, Fedora, Leap and 3 more | 2025-04-20 | N/A |
| Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. | ||||
| CVE-2017-9065 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2025-04-20 | N/A |
| In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API. | ||||
| CVE-2017-9525 | 3 Canonical, Cron Project, Debian | 3 Ubuntu Linux, Cron, Debian Linux | 2025-04-20 | 6.7 Medium |
| In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs. | ||||
| CVE-2017-12809 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 6.5 Medium |
| QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive. | ||||
| CVE-2017-9349 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. | ||||
| CVE-2017-9726 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2025-04-20 | N/A |
| The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2015-7504 | 4 Debian, Qemu, Redhat and 1 more | 5 Debian Linux, Qemu, Enterprise Linux and 2 more | 2025-04-20 | 8.8 High |
| Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. | ||||
| CVE-2017-13064 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-04-20 | N/A |
| GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | ||||
| CVE-2017-9462 | 3 Debian, Mercurial, Redhat | 9 Debian Linux, Mercurial, Enterprise Linux and 6 more | 2025-04-20 | 8.8 High |
| In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | ||||
| CVE-2017-10806 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 5.5 Medium |
| Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages. | ||||
| CVE-2017-9468 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash. | ||||