Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2012-6698

  • EPSS 0.56%
  • Published 11.04.2016 15:59:00
  • Last modified 12.04.2025 10:46:40

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

7.5

CVE-2016-2381

  • EPSS 18.02%
  • Published 08.04.2016 15:59:05
  • Last modified 12.04.2025 10:46:40

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

9.8

CVE-2016-3153

  • EPSS 1.46%
  • Published 08.04.2016 14:59:03
  • Last modified 12.04.2025 10:46:40

SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function.

9.8

CVE-2016-2851

Exploit
  • EPSS 23.06%
  • Published 07.04.2016 23:59:09
  • Last modified 12.04.2025 10:46:40

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-...

7.5

CVE-2016-2098

  • EPSS 86.07%
  • Published 07.04.2016 23:59:06
  • Last modified 12.04.2025 10:46:40

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.

6.1

CVE-2016-2511

Exploit
  • EPSS 0.39%
  • Published 07.04.2016 21:59:03
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php.

8.1

CVE-2016-2510

Exploit
  • EPSS 37.92%
  • Published 07.04.2016 20:59:05
  • Last modified 12.04.2025 10:46:40

BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.

6.5

CVE-2016-2858

  • EPSS 0.12%
  • Published 07.04.2016 19:59:03
  • Last modified 12.04.2025 10:46:40

QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.

7.3

CVE-2015-8837

Exploit
  • EPSS 1.06%
  • Published 30.03.2016 10:59:01
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.

9.3

CVE-2016-1650

  • EPSS 1.14%
  • Published 29.03.2016 10:59:04
  • Last modified 12.04.2025 10:46:40

The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by tri...