Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2015-04-24 | CVE-2015-3310 | Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. | Ubuntu_linux, Debian_linux, Point\-To\-Point_protocol | N/A | ||
2020-02-21 | CVE-2012-0844 | Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | Debian_linux, Netsurf | N/A | ||
2019-10-23 | CVE-2019-18281 | An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | Debian_linux, Qtbase | N/A | ||
2019-11-25 | CVE-2015-1396 | A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196. | Debian_linux, Patch | N/A | ||
2018-07-28 | CVE-2018-0498 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. | Mbed_tls, Debian_linux | 4.7 | ||
2018-07-28 | CVE-2018-0497 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. | Mbed_tls, Debian_linux | 5.9 | ||
2018-02-13 | CVE-2018-0487 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. | Mbed_tls, Debian_linux | 9.8 | ||
2018-03-14 | CVE-2017-18231 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. | Debian_linux, Graphicsmagick | 6.5 | ||
2018-03-14 | CVE-2017-18230 | An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. | Debian_linux, Graphicsmagick | 6.5 | ||
2018-03-14 | CVE-2017-18229 | An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. | Debian_linux, Graphicsmagick | 6.5 |