Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8869 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-1237 | 4 Canonical, Debian, Google and 1 more | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. | ||||
CVE-2015-1235 | 4 Canonical, Debian, Google and 1 more | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2024-08-06 | N/A |
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. | ||||
CVE-2015-1165 | 3 Bestpractical, Debian, Fedoraproject | 3 Request Tracker, Debian Linux, Fedora | 2024-08-06 | N/A |
RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors. | ||||
CVE-2015-1246 | 3 Debian, Google, Redhat | 3 Debian Linux, Chrome, Rhel Extras | 2024-08-06 | N/A |
Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
CVE-2015-1242 | 4 Canonical, Debian, Google and 1 more | 5 Ubuntu Linux, Debian Linux, Chrome and 2 more | 2024-08-06 | N/A |
The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. | ||||
CVE-2015-1245 | 3 Debian, Google, Redhat | 3 Debian Linux, Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium "Open PDF in Reader" button that has an invalid tab association. | ||||
CVE-2015-1207 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. | ||||
CVE-2015-1239 | 3 Debian, Google, Uclouvain | 4 Debian Linux, Chrome, Pdfium and 1 more | 2024-08-06 | 6.5 Medium |
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. | ||||
CVE-2015-0971 | 2 Debian, Openinfosecfoundation | 2 Debian Linux, Suricata | 2024-08-06 | N/A |
The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates. | ||||
CVE-2015-0858 | 2 Debian, Tardiff Project | 2 Debian Linux, Tardiff | 2024-08-06 | N/A |
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory. | ||||
CVE-2015-0885 | 2 Checkpw Project, Debian | 2 Checkpw, Debian Linux | 2024-08-06 | N/A |
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username. | ||||
CVE-2015-0838 | 2 Debian, Dulwich Project | 2 Debian Linux, Dulwich | 2024-08-06 | N/A |
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. | ||||
CVE-2015-0837 | 2 Debian, Gnupg | 3 Debian Linux, Gnupg, Libgcrypt | 2024-08-06 | 5.9 Medium |
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack." | ||||
CVE-2015-0859 | 1 Debian | 1 Debian Linux | 2024-08-06 | N/A |
The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments. | ||||
CVE-2015-0857 | 2 Debian, Tardiff Project | 2 Debian Linux, Tardiff | 2024-08-06 | N/A |
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file. | ||||
CVE-2015-0861 | 2 Debian, Tryton | 2 Debian Linux, Trytond | 2024-08-06 | N/A |
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records. | ||||
CVE-2015-0797 | 6 Debian, Gstreamer Project, Linux and 3 more | 17 Debian Linux, Gstreamer, Linux Kernel and 14 more | 2024-08-06 | N/A |
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. | ||||
CVE-2015-0564 | 5 Debian, Opensuse, Oracle and 2 more | 6 Debian Linux, Opensuse, Linux and 3 more | 2024-08-06 | N/A |
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session. | ||||
CVE-2015-0501 | 7 Canonical, Debian, Juniper and 4 more | 16 Ubuntu Linux, Debian Linux, Junos Space and 13 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. | ||||
CVE-2015-0505 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. |