Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-4738

  • EPSS 7.63%
  • Published 25.09.2016 10:59:41
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.8

CVE-2016-6525

  • EPSS 5.36%
  • Published 22.09.2016 15:59:04
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.

7.8

CVE-2016-7163

Exploit
  • EPSS 0.34%
  • Published 21.09.2016 14:25:28
  • Last modified 12.04.2025 10:46:40

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

8.1

CVE-2016-7143

  • EPSS 1.01%
  • Published 21.09.2016 14:25:26
  • Last modified 12.04.2025 10:46:40

The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

8.8

CVE-2016-6801

  • EPSS 0.36%
  • Published 21.09.2016 14:25:21
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 ...

9.8

CVE-2016-6354

  • EPSS 36.85%
  • Published 21.09.2016 14:25:20
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

9.8

CVE-2015-8871

  • EPSS 2.73%
  • Published 21.09.2016 14:25:00
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

10

CVE-2016-6662

Exploit
  • EPSS 89.58%
  • Published 20.09.2016 18:59:00
  • Last modified 12.04.2025 10:46:40

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow loc...

7.8

CVE-2015-8931

Exploit
  • EPSS 0.27%
  • Published 20.09.2016 14:15:18
  • Last modified 12.04.2025 10:46:40

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefin...

5.5

CVE-2015-8932

Exploit
  • EPSS 0.56%
  • Published 20.09.2016 14:15:18
  • Last modified 12.04.2025 10:46:40

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.