Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1%
  • Veröffentlicht 28.10.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

  • EPSS 1%
  • Veröffentlicht 28.10.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.

  • EPSS 0.91%
  • Veröffentlicht 28.10.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.

  • EPSS 79.86%
  • Veröffentlicht 27.10.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the ...

  • EPSS 36.56%
  • Veröffentlicht 27.10.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative ...

  • EPSS 2.57%
  • Veröffentlicht 27.10.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.

Exploit
  • EPSS 1.27%
  • Veröffentlicht 27.10.2017 16:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_comma...

  • EPSS 1.88%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • EPSS 1.43%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page.

  • EPSS 1.34%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.