Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-10 | CVE-2017-11139 | GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | Debian_linux, Graphicsmagick | 9.8 | ||
| 2018-01-03 | CVE-2017-1000501 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | Awstats, Debian_linux | 9.8 | ||
| 2018-01-02 | CVE-2017-1000456 | freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. | Debian_linux, Poppler | 8.8 | ||
| 2018-01-02 | CVE-2017-1000422 | Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution | Ubuntu_linux, Debian_linux, Gdk\-Pixbuf | 8.8 | ||
| 2019-04-18 | CVE-2016-10746 | libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886. | Debian_linux, Libvirt | 7.5 | ||
| 2019-02-18 | CVE-2019-8907 | do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. | Ubuntu_linux, Debian_linux, File, Leap | 8.8 | ||
| 2019-01-26 | CVE-2019-6799 | An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP configuration, and the inadvertent ignoring of "options(MYSQLI_OPT_LOCAL_INFILE" calls. | Debian_linux, Phpmyadmin | 5.9 | ||
| 2019-01-13 | CVE-2019-6250 | A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is... | Debian_linux, Libzmq | 8.8 | ||
| 2019-03-06 | CVE-2019-3824 | A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. | Ubuntu_linux, Debian_linux, Samba | 6.5 | ||
| 2019-04-06 | CVE-2019-10904 | Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors. | Debian_linux, Roundup | 6.1 |