Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.36%
  • Veröffentlicht 05.06.2012 22:55:07
  • Zuletzt bearbeitet 16.06.2026 23:37:00

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-b...

  • EPSS 2.36%
  • Veröffentlicht 05.06.2012 22:55:07
  • Zuletzt bearbeitet 16.06.2026 23:37:00

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

  • EPSS 3.82%
  • Veröffentlicht 05.06.2012 22:55:06
  • Zuletzt bearbeitet 16.06.2026 23:36:58

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.

  • EPSS 2.33%
  • Veröffentlicht 02.06.2012 15:55:00
  • Zuletzt bearbeitet 16.06.2026 23:42:24

chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a den...

  • EPSS 2.63%
  • Veröffentlicht 29.05.2012 20:55:08
  • Zuletzt bearbeitet 16.06.2026 23:40:44

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute ar...

  • EPSS 0.47%
  • Veröffentlicht 17.05.2012 11:00:36
  • Zuletzt bearbeitet 16.06.2026 23:38:26

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context...

Warnung Exploit
  • EPSS 100%
  • Veröffentlicht 11.05.2012 10:15:48
  • Zuletzt bearbeitet 16.06.2026 23:40:22

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by ...

  • EPSS 0.36%
  • Veröffentlicht 22.04.2012 18:55:03
  • Zuletzt bearbeitet 16.06.2026 23:36:54

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow ...

  • EPSS 10.42%
  • Veröffentlicht 17.04.2012 21:55:01
  • Zuletzt bearbeitet 16.06.2026 23:39:11

Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.

  • EPSS 3.57%
  • Veröffentlicht 22.03.2012 16:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:30

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly exe...