Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8870 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-9750 | 4 Debian, Ntp, Oracle and 1 more | 7 Debian Linux, Ntp, Linux and 4 more | 2024-08-06 | N/A |
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field. | ||||
CVE-2014-9762 | 2 Debian, Enlightenment | 2 Debian Linux, Imlib2 | 2024-08-06 | N/A |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap. | ||||
CVE-2014-9751 | 6 Apple, Debian, Linux and 3 more | 9 Macos, Debian Linux, Linux Kernel and 6 more | 2024-08-06 | N/A |
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address. | ||||
CVE-2014-9771 | 2 Debian, Enlightenment | 2 Debian Linux, Imlib2 | 2024-08-06 | N/A |
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation. | ||||
CVE-2014-9745 | 4 Canonical, Debian, Freetype and 1 more | 4 Ubuntu Linux, Debian Linux, Freetype and 1 more | 2024-08-06 | N/A |
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. | ||||
CVE-2014-9713 | 2 Debian, Openldap | 2 Debian Linux, Openldap | 2024-08-06 | N/A |
The default slapd configuration in the Debian openldap package 2.4.23-3 through 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors. | ||||
CVE-2014-9718 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-06 | N/A |
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions. | ||||
CVE-2014-9667 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2024-08-06 | N/A |
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table. | ||||
CVE-2014-9670 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-08-06 | N/A |
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. | ||||
CVE-2014-9669 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-08-06 | N/A |
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table. | ||||
CVE-2014-9747 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2024-08-06 | N/A |
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. | ||||
CVE-2014-9675 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2024-08-06 | N/A |
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font. | ||||
CVE-2014-9763 | 2 Debian, Enlightenment | 2 Debian Linux, Imlib2 | 2024-08-06 | N/A |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file. | ||||
CVE-2014-9746 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2024-08-06 | N/A |
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font. | ||||
CVE-2014-9673 | 5 Canonical, Debian, Freetype and 2 more | 11 Ubuntu Linux, Debian Linux, Freetype and 8 more | 2024-08-06 | N/A |
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. | ||||
CVE-2014-9764 | 2 Debian, Enlightenment | 2 Debian Linux, Imlib2 | 2024-08-06 | N/A |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file. | ||||
CVE-2014-9709 | 6 Canonical, Debian, Libgd and 3 more | 7 Ubuntu Linux, Debian Linux, Libgd and 4 more | 2024-08-06 | N/A |
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. | ||||
CVE-2014-9765 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Opensuse and 1 more | 2024-08-06 | N/A |
Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file. | ||||
CVE-2014-9706 | 2 Debian, Dulwich Project | 2 Debian Linux, Dulwich | 2024-08-06 | N/A |
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree. | ||||
CVE-2014-9671 | 6 Canonical, Debian, Freetype and 3 more | 12 Ubuntu Linux, Debian Linux, Freetype and 9 more | 2024-08-06 | N/A |
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented. |