Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-11-17 | CVE-2010-4008 | libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2015-10-19 | CVE-2015-5707 | Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | Ubuntu_linux, Debian_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2011-05-03 | CVE-2011-1444 | Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Debian_linux, Chrome | N/A | ||
| 2011-03-25 | CVE-2011-1293 | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Iphone_os, Itunes, Safari, Debian_linux, Chrome | N/A | ||
| 2011-03-25 | CVE-2011-1292 | Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Debian_linux, Chrome | N/A | ||
| 2019-04-24 | CVE-2019-9928 | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. | Ubuntu_linux, Debian_linux, Gstreamer | 8.8 | ||
| 2019-10-18 | CVE-2019-18197 | In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. | Ubuntu_linux, Debian_linux, Libxslt | N/A | ||
| 2017-02-22 | CVE-2017-6188 | Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user. | Debian_linux, Munin | N/A | ||
| 2011-07-07 | CVE-2011-2192 | The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Libcurl | N/A | ||
| 2011-05-03 | CVE-2011-1440 | Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | Itunes, Safari, Debian_linux, Chrome | N/A |