Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-08-24 | CVE-2018-14600 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. | Ubuntu_linux, Debian_linux, Libx11 | 9.8 | ||
2018-06-13 | CVE-2018-12265 | Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. | Ubuntu_linux, Debian_linux, Exiv2 | 8.8 | ||
2018-06-13 | CVE-2018-12264 | Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. | Ubuntu_linux, Debian_linux, Exiv2 | 8.8 | ||
2018-05-23 | CVE-2018-1122 | procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function. | Ubuntu_linux, Debian_linux, Procps\-Ng | 7.0 | ||
2018-05-16 | CVE-2018-11214 | An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg | 6.5 | ||
2018-05-16 | CVE-2018-11213 | An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg | 6.5 | ||
2018-05-10 | CVE-2018-10963 | The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | Ubuntu_linux, Debian_linux, Libtiff | 6.5 | ||
2018-05-10 | CVE-2018-10958 | In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | Ubuntu_linux, Debian_linux, Exiv2 | 6.5 | ||
2018-03-15 | CVE-2017-18234 | An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | Ubuntu_linux, Debian_linux, Exempi | 7.8 | ||
2017-02-13 | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg\-Turbo, Enterprise_linux | 8.8 |