Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2014-3610

Exploit
  • EPSS 0.05%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS...

4.7

CVE-2014-3611

  • EPSS 0.04%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

5.5

CVE-2014-3646

  • EPSS 0.06%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

5.5

CVE-2014-3647

  • EPSS 0.03%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

7.8

CVE-2014-3673

Exploit
  • EPSS 9.8%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

7.8

CVE-2014-3687

Exploit
  • EPSS 1.98%
  • Published 10.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork ...

2.1

CVE-2014-3640

  • EPSS 0.05%
  • Published 07.11.2014 19:55:02
  • Last modified 12.04.2025 10:46:40

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized s...

5

CVE-2014-8483

  • EPSS 3.72%
  • Published 06.11.2014 15:55:09
  • Last modified 12.04.2025 10:46:40

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

7.5

CVE-2014-8542

  • EPSS 1.77%
  • Published 05.11.2014 11:55:07
  • Last modified 12.04.2025 10:46:40

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.

5

CVE-2014-3710

  • EPSS 7.78%
  • Published 05.11.2014 11:55:06
  • Last modified 12.04.2025 10:46:40

The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and appli...