Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 8.77%
  • Veröffentlicht 21.09.2016 14:25:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

  • EPSS 2.96%
  • Veröffentlicht 21.09.2016 14:25:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

Exploit
  • EPSS 67.73%
  • Veröffentlicht 20.09.2016 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow loc...

Exploit
  • EPSS 2.12%
  • Veröffentlicht 20.09.2016 14:15:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefin...

Exploit
  • EPSS 2.21%
  • Veröffentlicht 20.09.2016 14:15:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

  • EPSS 4.3%
  • Veröffentlicht 20.09.2016 14:15:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

  • EPSS 3.23%
  • Veröffentlicht 20.09.2016 14:15:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar...

  • EPSS 2.53%
  • Veröffentlicht 09.09.2016 14:05:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form.

  • EPSS 2.09%
  • Veröffentlicht 09.09.2016 10:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) v...

  • EPSS 2.65%
  • Veröffentlicht 09.09.2016 10:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.