Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2016-4441

  • EPSS 0.1%
  • Veröffentlicht 20.05.2016 14:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via...

6.7

CVE-2016-4439

  • EPSS 0.31%
  • Veröffentlicht 20.05.2016 14:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU p...

7.5

CVE-2016-4348

  • EPSS 3.08%
  • Veröffentlicht 20.05.2016 14:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.

7.5

CVE-2015-7558

  • EPSS 1.43%
  • Veröffentlicht 20.05.2016 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.

7.8

CVE-2016-1840

Exploit
  • EPSS 2.14%
  • Veröffentlicht 20.05.2016 10:59:54
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause...

5.5

CVE-2016-1839

Exploit
  • EPSS 10.77%
  • Veröffentlicht 20.05.2016 10:59:53
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft...

5.5

CVE-2016-1838

Exploit
  • EPSS 10.65%
  • Veröffentlicht 20.05.2016 10:59:52
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-...

5.5

CVE-2016-1837

Exploit
  • EPSS 0.79%
  • Veröffentlicht 20.05.2016 10:59:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot...

5.5

CVE-2016-1836

  • EPSS 1.15%
  • Veröffentlicht 20.05.2016 10:59:50
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via ...

8.8

CVE-2016-1835

  • EPSS 2.57%
  • Veröffentlicht 20.05.2016 10:59:49
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.