Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.61%
  • Veröffentlicht 30.10.2007 22:46:00
  • Zuletzt bearbeitet 16.06.2026 22:46:43

Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used ...

  • EPSS 80.27%
  • Veröffentlicht 11.10.2007 10:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:58

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo...

  • EPSS 0.44%
  • Veröffentlicht 04.10.2007 16:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:37

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

  • EPSS 11.32%
  • Veröffentlicht 18.09.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:40:31

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which...

  • EPSS 14.9%
  • Veröffentlicht 05.09.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:10

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

  • EPSS 2.99%
  • Veröffentlicht 04.09.2007 22:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:31

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn func...

  • EPSS 2.99%
  • Veröffentlicht 04.09.2007 18:17:00
  • Zuletzt bearbeitet 16.06.2026 22:43:12

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certai...

  • EPSS 8.57%
  • Veröffentlicht 30.07.2007 23:17:00
  • Zuletzt bearbeitet 16.06.2026 22:41:54

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute...

Exploit
  • EPSS 70.39%
  • Veröffentlicht 16.07.2007 22:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:45

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

  • EPSS 11.38%
  • Veröffentlicht 26.06.2007 22:30:00
  • Zuletzt bearbeitet 16.06.2026 22:39:35

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl...