Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-12-25 | CVE-2011-4862 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | Debian_linux, Fedora, Freebsd, Inetutils, Heimdal, Krb5\-Appl, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2019-11-26 | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. | Advanced_package_tool, Debian_linux | 3.7 | ||
| 2018-07-19 | CVE-2018-14395 | libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format. | Debian_linux, Ffmpeg | 6.5 | ||
| 2018-06-15 | CVE-2018-12458 | An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | Debian_linux, Ffmpeg | 6.5 | ||
| 2018-02-04 | CVE-2018-6616 | In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | Ubuntu_linux, Debian_linux, Georaster, Openjpeg | 5.5 | ||
| 2018-01-19 | CVE-2018-5785 | In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. | Ubuntu_linux, Debian_linux, Openjpeg | 6.5 | ||
| 2017-12-08 | CVE-2017-17480 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. | Ubuntu_linux, Debian_linux, Openjpeg | 9.8 | ||
| 2007-04-06 | CVE-2007-1216 | Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding". | Ubuntu_linux, Debian_linux, Kerberos_5 | N/A | ||
| 2007-06-26 | CVE-2007-2443 | Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value. | Ubuntu_linux, Debian_linux, Kerberos_5 | N/A | ||
| 2017-03-20 | CVE-2017-6836 | Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file. | Audiofile, Debian_linux | 5.5 |