CVE-2017-14928
- EPSS 0.29%
- Published 30.09.2017 01:29:02
- Last modified 20.04.2025 01:37:25
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
- EPSS 6.97%
- Published 29.09.2017 01:34:50
- Last modified 20.04.2025 01:37:25
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacha...
CVE-2017-14859
- EPSS 0.12%
- Published 29.09.2017 01:34:49
- Last modified 20.04.2025 01:37:25
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14862
- EPSS 0.12%
- Published 29.09.2017 01:34:49
- Last modified 20.04.2025 01:37:25
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14864
- EPSS 0.12%
- Published 29.09.2017 01:34:49
- Last modified 20.04.2025 01:37:25
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14737
- EPSS 0.05%
- Published 26.09.2017 01:29:03
- Last modified 20.04.2025 01:37:25
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array...
CVE-2017-14733
- EPSS 1.42%
- Published 25.09.2017 21:29:01
- Last modified 20.04.2025 01:37:25
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2015-6748
- EPSS 2.04%
- Published 25.09.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
CVE-2017-12153
- EPSS 0.02%
- Published 21.09.2017 15:29:00
- Last modified 20.04.2025 01:37:25
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be i...
CVE-2017-14160
- EPSS 1.55%
- Published 21.09.2017 14:29:00
- Last modified 20.04.2025 01:37:25
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.