Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 6.54%
  • Veröffentlicht 16.06.2016 18:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists beca...

  • EPSS 4.05%
  • Veröffentlicht 16.06.2016 18:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

  • EPSS 0.4%
  • Veröffentlicht 16.06.2016 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.

  • EPSS 2.37%
  • Veröffentlicht 16.06.2016 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

  • EPSS 0.5%
  • Veröffentlicht 14.06.2016 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information tran...

  • EPSS 0.43%
  • Veröffentlicht 14.06.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

  • EPSS 0.42%
  • Veröffentlicht 14.06.2016 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

  • EPSS 2.27%
  • Veröffentlicht 13.06.2016 19:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

  • EPSS 3.81%
  • Veröffentlicht 13.06.2016 19:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity d...

  • EPSS 1.35%
  • Veröffentlicht 13.06.2016 10:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing att...