Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-9635

Exploit
  • EPSS 16.09%
  • Published 27.01.2017 22:59:01
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 's...

7.5

CVE-2016-10002

  • EPSS 11.39%
  • Published 27.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req...

7.8

CVE-2016-9453

  • EPSS 0.42%
  • Published 27.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.

7.5

CVE-2016-10159

  • EPSS 8.97%
  • Published 24.01.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PH...

9.8

CVE-2016-10160

  • EPSS 3.77%
  • Published 24.01.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archiv...

5.5

CVE-2016-9401

  • EPSS 0.03%
  • Published 23.01.2017 21:59:02
  • Last modified 06.08.2025 22:15:28

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

7.8

CVE-2015-8971

  • EPSS 0.64%
  • Published 23.01.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.

6.5

CVE-2016-7799

  • EPSS 1.3%
  • Published 18.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

5.5

CVE-2016-7906

  • EPSS 0.47%
  • Published 18.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.

4.7

CVE-2016-9811

  • EPSS 0.49%
  • Published 13.01.2017 16:59:01
  • Last modified 20.04.2025 01:37:25

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.