Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.6%
  • Veröffentlicht 26.05.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:30

The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

  • EPSS 1.51%
  • Veröffentlicht 26.05.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:30

The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

Exploit
  • EPSS 1.34%
  • Veröffentlicht 26.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:29

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.

  • EPSS 2.48%
  • Veröffentlicht 26.05.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:28

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to ...

Exploit
  • EPSS 1.51%
  • Veröffentlicht 25.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:25

The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.

  • EPSS 19.52%
  • Veröffentlicht 24.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:05

In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before ...

Exploit
  • EPSS 1.47%
  • Veröffentlicht 24.05.2018 13:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:30

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

  • EPSS 1.22%
  • Veröffentlicht 24.05.2018 13:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:55

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptra...

  • EPSS 6%
  • Veröffentlicht 24.05.2018 13:29:01
  • Zuletzt bearbeitet 15.04.2026 21:16:59

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP...

Exploit
  • EPSS 0.97%
  • Veröffentlicht 24.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:29

In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.