Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-05-08 | CVE-2017-8846 | The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive. | Debian_linux, Long_range_zip | 5.5 | ||
| 2017-06-26 | CVE-2017-9928 | In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. | Debian_linux, Long_range_zip | 5.5 | ||
| 2017-06-26 | CVE-2017-9929 | In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. | Debian_linux, Long_range_zip | 5.5 | ||
| 2018-04-24 | CVE-2017-14440 | An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | Debian_linux, Sdl_image | 8.8 | ||
| 2018-04-24 | CVE-2017-14442 | An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | Debian_linux, Sdl_image | 8.8 | ||
| 2018-04-24 | CVE-2017-14441 | An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | Debian_linux, Sdl_image | 8.8 | ||
| 2019-12-11 | CVE-2019-19725 | sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. | Ubuntu_linux, Debian_linux, Sysstat | 9.8 | ||
| 2018-10-17 | CVE-2018-3174 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this... | Ubuntu_linux, Debian_linux, Mariadb, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql | 5.3 | ||
| 2017-08-05 | CVE-2017-12562 | Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | Debian_linux, Libsndfile | 9.8 | ||
| 2018-11-17 | CVE-2018-19274 | Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions. | Debian_linux, Phpbb | 7.2 |