Filtered by vendor Debian
Subscribe
Search
Total
6968 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1981 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS. | |||||
| CVE-2016-7909 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.9 MEDIUM | 4.4 MEDIUM |
| The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0. | |||||
| CVE-2015-8745 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
| CVE-2016-1922 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue. | |||||
| CVE-2016-9776 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS. | |||||
| CVE-2016-7908 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 4.4 MEDIUM |
| The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. | |||||
| CVE-2017-7718 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions. | |||||
| CVE-2016-9915 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend. | |||||
| CVE-2017-5856 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb. | |||||
| CVE-2017-5525 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | |||||
| CVE-2017-13672 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. | |||||
| CVE-2017-12809 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 6.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive. | |||||
| CVE-2017-9503 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 1.9 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | |||||
| CVE-2008-3913 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2020-11-10 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic". | |||||
| CVE-2017-9373 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 1.9 LOW | 5.5 MEDIUM |
| Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. | |||||
| CVE-2017-11334 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 4.4 MEDIUM |
| The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area. | |||||
| CVE-2017-5579 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | |||||
| CVE-2017-17381 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 6.5 MEDIUM |
| The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. | |||||
| CVE-2016-2198 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
| CVE-2015-8744 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
| CVE-2017-9330 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 1.9 LOW | 5.6 MEDIUM |
| QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. | |||||
| CVE-2017-11434 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. | |||||
| CVE-2017-9375 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 1.9 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing. | |||||
| CVE-2017-5987 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 2.1 LOW | 5.5 MEDIUM |
| The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer. | |||||
| CVE-2020-13398 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2020-11-09 | 6.5 MEDIUM | 8.3 HIGH |
| An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. | |||||
| CVE-2020-13397 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2020-11-09 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. | |||||
| CVE-2017-18509 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2020-11-09 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. | |||||
| CVE-2020-13396 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2020-11-09 | 5.5 MEDIUM | 7.1 HIGH |
| An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. | |||||
| CVE-2009-4484 | 4 Canonical, Debian, Oracle and 1 more | 4 Ubuntu Linux, Debian Linux, Mysql and 1 more | 2020-11-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | |||||
| CVE-2018-1000671 | 2 Debian, Sympa | 2 Debian Linux, Sympa | 2020-11-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available. | |||||
| CVE-2008-3912 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2020-11-09 | 5.0 MEDIUM | N/A |
| libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | |||||
| CVE-2007-2650 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2020-11-09 | 4.3 MEDIUM | N/A |
| The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file. | |||||
| CVE-2018-19058 | 3 Canonical, Debian, Freedesktop | 3 Ubuntu Linux, Debian Linux, Poppler | 2020-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file. | |||||
| CVE-2018-20662 | 3 Debian, Fedoraproject, Freedesktop | 3 Debian Linux, Fedora, Poppler | 2020-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. | |||||
| CVE-2020-26117 | 3 Debian, Opensuse, Tigervnc | 3 Debian Linux, Leap, Tigervnc | 2020-11-06 | 5.8 MEDIUM | 8.1 HIGH |
| In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. | |||||
| CVE-2016-7798 | 2 Debian, Ruby-lang | 2 Debian Linux, Openssl | 2020-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. | |||||
| CVE-2009-0784 | 2 Debian, Systemtap | 2 Debian Linux, Systemtap | 2020-11-04 | 6.3 MEDIUM | N/A |
| Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors. | |||||
| CVE-2007-5191 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2020-11-04 | 7.2 HIGH | N/A |
| mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs. | |||||
| CVE-2009-0590 | 2 Debian, Openssl | 2 Debian Linux, Openssl | 2020-11-03 | 5.0 MEDIUM | N/A |
| The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. | |||||
| CVE-2020-14390 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2020-11-02 | 4.6 MEDIUM | 5.6 MEDIUM |
| A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | |||||
| CVE-2020-25211 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2020-11-02 | 3.6 LOW | 6.0 MEDIUM |
| In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | |||||
| CVE-2020-10802 | 2 Debian, Phpmyadmin | 2 Debian Linux, Phpmyadmin | 2020-11-02 | 6.0 MEDIUM | 8.0 HIGH |
| In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. | |||||
| CVE-2020-10803 | 2 Debian, Phpmyadmin | 2 Debian Linux, Phpmyadmin | 2020-11-02 | 3.5 LOW | 5.4 MEDIUM |
| In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. | |||||
| CVE-2018-19758 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | |||||
| CVE-2018-19662 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. | |||||
| CVE-2018-19661 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | |||||
| CVE-2017-14634 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | |||||
| CVE-2017-14246 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 5.8 MEDIUM | 8.1 HIGH |
| An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
| CVE-2017-14245 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2020-10-29 | 5.8 MEDIUM | 8.1 HIGH |
| An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | |||||
| CVE-2015-8743 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-29 | 3.6 LOW | 7.1 HIGH |
| QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. | |||||