Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-11531

Exploit
  • EPSS 1.44%
  • Veröffentlicht 29.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:33

Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.

7.8

CVE-2018-11506

  • EPSS 0.08%
  • Veröffentlicht 28.05.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:30

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes...

5.5

CVE-2018-11503

  • EPSS 0.52%
  • Veröffentlicht 26.05.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:30

The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

5.5

CVE-2018-11504

  • EPSS 0.24%
  • Veröffentlicht 26.05.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:30

The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

6.5

CVE-2018-11496

Exploit
  • EPSS 0.84%
  • Veröffentlicht 26.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:29

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.

8.8

CVE-2018-11490

  • EPSS 0.23%
  • Veröffentlicht 26.05.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:28

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to ...

5.5

CVE-2018-11468

Exploit
  • EPSS 0.52%
  • Veröffentlicht 25.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:25

The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

9.8

CVE-2018-8013

  • EPSS 1.67%
  • Veröffentlicht 24.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:05

In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before ...

5.5

CVE-2018-1000040

Exploit
  • EPSS 0.26%
  • Veröffentlicht 24.05.2018 13:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:30

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

5.5

CVE-2018-1000199

  • EPSS 0.48%
  • Veröffentlicht 24.05.2018 13:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:55

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptra...