Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1676

  • EPSS 1.36%
  • Published 05.06.2016 23:59:04
  • Last modified 12.04.2025 10:46:40

extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

8.8

CVE-2016-1675

  • EPSS 1.02%
  • Published 05.06.2016 23:59:03
  • Last modified 12.04.2025 10:46:40

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.

8.8

CVE-2016-1674

  • EPSS 1.01%
  • Published 05.06.2016 23:59:02
  • Last modified 12.04.2025 10:46:40

The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

8.8

CVE-2016-1673

  • EPSS 1.03%
  • Published 05.06.2016 23:59:01
  • Last modified 12.04.2025 10:46:40

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

8.8

CVE-2016-1672

  • EPSS 1.36%
  • Published 05.06.2016 23:59:00
  • Last modified 12.04.2025 10:46:40

The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypa...

7.8

CVE-2016-5126

  • EPSS 0.2%
  • Published 01.06.2016 22:59:08
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

6

CVE-2016-4454

  • EPSS 0.06%
  • Published 01.06.2016 22:59:04
  • Last modified 12.04.2025 10:46:40

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA comma...

4.9

CVE-2016-4453

  • EPSS 0.06%
  • Published 01.06.2016 22:59:03
  • Last modified 12.04.2025 10:46:40

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.

7.5

CVE-2016-4423

  • EPSS 1.44%
  • Published 01.06.2016 22:59:02
  • Last modified 12.04.2025 10:46:40

The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username st...

7.5

CVE-2016-1902

  • EPSS 0.4%
  • Published 01.06.2016 22:59:01
  • Last modified 12.04.2025 10:46:40

The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random...