Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-02-04 | CVE-2019-7314 | liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact. | Debian_linux, Streaming_media | 9.8 | ||
| 2017-08-07 | CVE-2015-7852 | ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_balance, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2017-08-07 | CVE-2015-7850 | ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_balance, Oncommand_performance_manager, Oncommand_unified_manager, Ntp | N/A | ||
| 2017-07-24 | CVE-2015-7703 | The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2017-08-07 | CVE-2015-7702 | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2017-08-07 | CVE-2015-7701 | Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2017-08-07 | CVE-2015-7692 | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2017-08-07 | CVE-2015-7691 | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | Debian_linux, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2015-10-06 | CVE-2014-9750 | ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field. | Debian_linux, Ntp, Linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2019-08-21 | CVE-2019-15296 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left). | Freeware_advanced_audio_decoder_2, Debian_linux | 7.8 |