Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2011-05-03 | CVE-2011-1444 | Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Debian_linux, Chrome | N/A | ||
2011-03-25 | CVE-2011-1293 | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Iphone_os, Itunes, Safari, Debian_linux, Chrome | N/A | ||
2011-03-25 | CVE-2011-1292 | Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Debian_linux, Chrome | N/A | ||
2019-04-24 | CVE-2019-9928 | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. | Ubuntu_linux, Debian_linux, Gstreamer | 8.8 | ||
2019-10-18 | CVE-2019-18197 | In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. | Ubuntu_linux, Debian_linux, Libxslt | N/A | ||
2017-02-22 | CVE-2017-6188 | Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user. | Debian_linux, Munin | N/A | ||
2011-07-07 | CVE-2011-2192 | The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Libcurl | N/A | ||
2011-05-03 | CVE-2011-1440 | Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | Itunes, Safari, Debian_linux, Chrome | N/A | ||
2019-01-14 | CVE-2019-6256 | A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp. | Debian_linux, Live555_media_server | 9.8 | ||
2018-01-23 | CVE-2018-5683 | The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | Ubuntu_linux, Debian_linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization | N/A |