Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-14 | CVE-2017-13020 | The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | Debian_linux, Tcpdump | 9.8 | ||
| 2017-09-14 | CVE-2017-13004 | The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header(). | Debian_linux, Tcpdump | 9.8 | ||
| 2018-05-08 | CVE-2018-1000179 | A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service. | Debian_linux, Quassel | 7.5 | ||
| 2018-05-08 | CVE-2018-1000178 | A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely. | Debian_linux, Quassel | 9.8 | ||
| 2014-09-30 | CVE-2014-6055 | Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. | Debian_linux, Fedora, Libvncserver, Enterprise_linux_server_aus, Enterprise_linux_server_eus | N/A | ||
| 2014-12-15 | CVE-2014-6052 | The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message. | Ubuntu_linux, Debian_linux, Libvncserver, Solaris | N/A | ||
| 2014-10-06 | CVE-2014-6054 | The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. | Ubuntu_linux, Debian_linux, Libvncserver | N/A | ||
| 2014-09-30 | CVE-2014-6051 | Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. | Debian_linux, Fedora, Libvncserver, Solaris, Enterprise_linux_server_aus, Enterprise_linux_server_eus | N/A | ||
| 2014-12-15 | CVE-2014-6053 | The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc. | Ubuntu_linux, Debian_linux, Libvncserver | N/A | ||
| 2018-02-19 | CVE-2018-7225 | An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. | Ubuntu_linux, Debian_linux, Libvncserver, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 |