Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-11-20 | CVE-2017-12608 | A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution. | Openoffice, Debian_linux | 7.8 | ||
2017-12-20 | CVE-2017-17784 | In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
2017-12-20 | CVE-2017-17785 | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
2017-12-20 | CVE-2017-17786 | In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
2017-12-20 | CVE-2017-17787 | In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
2017-12-20 | CVE-2017-17788 | In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. | Ubuntu_linux, Debian_linux, Gimp | 5.5 | ||
2017-12-20 | CVE-2017-17789 | In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
2017-01-30 | CVE-2015-7977 | ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | Ubuntu_linux, Debian_linux, Fedora, Freebsd, Clustered_data_ontap, Oncommand_balance, Ntp, Linux, Tim_4r\-Ie_dnp3_firmware, Tim_4r\-Ie_firmware | 5.9 | ||
2013-10-03 | CVE-2013-4327 | systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. | Ubuntu_linux, Debian_linux, Systemd | N/A | ||
2013-10-28 | CVE-2013-4391 | Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow. | Debian_linux, Systemd | N/A |