Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-7551

Exploit
  • EPSS 0.57%
  • Veröffentlicht 28.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:21

There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

9.8

CVE-2018-7552

Exploit
  • EPSS 0.57%
  • Veröffentlicht 28.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:21

There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

9.8

CVE-2018-7553

Exploit
  • EPSS 0.56%
  • Veröffentlicht 28.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:21

There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

9.8

CVE-2018-7554

Exploit
  • EPSS 0.57%
  • Veröffentlicht 28.02.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:21

There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

8.6

CVE-2017-5660

  • EPSS 2.58%
  • Veröffentlicht 27.02.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:28:07

There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.

7.5

CVE-2017-7671

  • EPSS 4.27%
  • Veröffentlicht 27.02.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:32:25

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

6.5

CVE-2018-7540

  • EPSS 0.09%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

8.8

CVE-2018-7541

  • EPSS 0.09%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.

6.5

CVE-2018-7542

  • EPSS 0.05%
  • Veröffentlicht 27.02.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:19

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

6.5

CVE-2018-0489

  • EPSS 0.24%
  • Veröffentlicht 27.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:20

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonat...