Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2016-7156

  • EPSS 0.1%
  • Veröffentlicht 10.12.2016 00:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.

4.4

CVE-2016-7155

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.

6

CVE-2016-7116

  • EPSS 1.04%
  • Veröffentlicht 10.12.2016 00:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.

4.4

CVE-2016-6888

  • EPSS 0.1%
  • Veröffentlicht 10.12.2016 00:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an uncheck...

6

CVE-2016-6836

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

6

CVE-2016-6835

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.

4.4

CVE-2016-6834

  • EPSS 0.12%
  • Veröffentlicht 10.12.2016 00:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length...

4.4

CVE-2016-6833

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device i...

7.1

CVE-2016-5424

  • EPSS 1.61%
  • Veröffentlicht 09.12.2016 23:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ ...

8.3

CVE-2016-5423

  • EPSS 3.28%
  • Veröffentlicht 09.12.2016 23:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory informat...