Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2016-5584

  • EPSS 0.44%
  • Veröffentlicht 25.10.2016 14:30:54
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

10

CVE-2016-7117

  • EPSS 8.18%
  • Veröffentlicht 10.10.2016 11:00:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

5.5

CVE-2016-7424

  • EPSS 0.24%
  • Veröffentlicht 07.10.2016 14:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.

4.9

CVE-2016-7909

  • EPSS 0.14%
  • Veröffentlicht 05.10.2016 16:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to ...

4.4

CVE-2016-7908

  • EPSS 0.13%
  • Veröffentlicht 05.10.2016 16:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU...

10

CVE-2016-7161

  • EPSS 20.2%
  • Veröffentlicht 05.10.2016 16:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

7.5

CVE-2016-1246

  • EPSS 1.93%
  • Veröffentlicht 05.10.2016 16:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.

7.5

CVE-2016-7401

  • EPSS 4.38%
  • Veröffentlicht 03.10.2016 18:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

9.3

CVE-2016-1244

  • EPSS 9.98%
  • Veröffentlicht 03.10.2016 18:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

9.8

CVE-2016-1243

  • EPSS 27.69%
  • Veröffentlicht 03.10.2016 18:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.