Filtered by vendor Debian
Subscribe
Total
8236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-5043 | 2 Burn Project, Debian | 2 Burn, Debian Linux | 2019-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| burn allows file names to escape via mishandled quotation marks | |||||
| CVE-2009-5042 | 2 Debian, Python-docutils Project | 2 Debian Linux, Python-docutils | 2019-11-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| python-docutils allows insecure usage of temporary files | |||||
| CVE-2017-5332 | 5 Canonical, Debian, Icoutils Project and 2 more | 11 Ubuntu Linux, Debian Linux, Icoutils and 8 more | 2019-11-06 | 6.8 MEDIUM | 7.8 HIGH |
| The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. | |||||
| CVE-2018-1000878 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2019-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive. | |||||
| CVE-2018-1000877 | 5 Canonical, Debian, Fedoraproject and 2 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2019-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive. | |||||
| CVE-2019-1000019 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2019-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. | |||||
| CVE-2018-15910 | 5 Artifex, Canonical, Debian and 2 more | 9 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 6 more | 2019-11-05 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | |||||
| CVE-2018-16513 | 4 Artifex, Canonical, Debian and 1 more | 5 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 2 more | 2019-11-05 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. | |||||
| CVE-2018-18284 | 5 Artifex, Canonical, Debian and 2 more | 11 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 8 more | 2019-11-05 | 6.8 MEDIUM | 8.6 HIGH |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | |||||
| CVE-2009-5041 | 1 Debian | 1 Overkill | 2019-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| overkill has buffer overflow via long player names that can corrupt data on the server machine | |||||
| CVE-2017-5331 | 4 Canonical, Debian, Icoutils Project and 1 more | 5 Ubuntu Linux, Debian Linux, Icoutils and 2 more | 2019-11-05 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. | |||||
| CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2019-11-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| evince is missing a check on number of pages which can lead to a segmentation fault | |||||
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| MiniUPnPd has information disclosure use of snprintf() | |||||
| CVE-2013-2739 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2019-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| MiniDLNA has heap-based buffer overflow | |||||
| CVE-2013-2227 | 2 Debian, Glpi-project | 2 Debian Linux, Glpi | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | |||||
| CVE-2013-4412 | 3 Berlios, Debian, Gnu | 3 Slim, Debian Linux, Glibc | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| slim has NULL pointer dereference when using crypt() method from glibc 2.17 | |||||
| CVE-2013-1934 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2019-11-01 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value. | |||||
| CVE-2010-0207 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2019-11-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | |||||
| CVE-2010-0206 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2019-11-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | |||||
| CVE-2011-4931 | 2 Debian, Gpw Project | 2 Debian Linux, Gpw | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH |
| gpw generates shorter passwords than required | |||||