Debian

Debian Linux

9947 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-2776

  • EPSS 2.01%
  • Veröffentlicht 31.03.2015 14:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.

6.8

CVE-2015-2754

  • EPSS 2.15%
  • Veröffentlicht 31.03.2015 14:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."

6.8

CVE-2015-2753

  • EPSS 1.92%
  • Veröffentlicht 31.03.2015 14:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook.

4

CVE-2015-2684

  • EPSS 0.46%
  • Veröffentlicht 31.03.2015 14:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.

7.5

CVE-2015-0838

  • EPSS 2.81%
  • Veröffentlicht 31.03.2015 14:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.

7.5

CVE-2014-9706

Exploit
  • EPSS 2.77%
  • Veröffentlicht 31.03.2015 14:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.

7.5

CVE-2015-2331

Exploit
  • EPSS 42.71%
  • Veröffentlicht 30.03.2015 10:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial ...

6.8

CVE-2015-2305

Exploit
  • EPSS 31.02%
  • Veröffentlicht 30.03.2015 10:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary co...

7.5

CVE-2015-2301

Exploit
  • EPSS 11.21%
  • Veröffentlicht 30.03.2015 10:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an a...

5

CVE-2014-9709

Exploit
  • EPSS 16.54%
  • Veröffentlicht 30.03.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperl...