Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8869 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-9427 | 3 Bdwgc Project, Debian, Opensuse | 4 Bdwgc, Debian Linux, Leap and 1 more | 2024-08-06 | 9.8 Critical |
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. | ||||
CVE-2016-9375 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-08-06 | N/A |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful. | ||||
CVE-2016-9401 | 3 Debian, Gnu, Redhat | 9 Debian Linux, Bash, Enterprise Linux and 6 more | 2024-08-06 | 5.5 Medium |
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | ||||
CVE-2016-9373 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-08-06 | N/A |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings. | ||||
CVE-2016-9374 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-08-06 | N/A |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable. | ||||
CVE-2016-9376 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-08-06 | N/A |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large. | ||||
CVE-2016-9189 | 2 Debian, Python | 2 Debian Linux, Pillow | 2024-08-06 | N/A |
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component. | ||||
CVE-2016-9190 | 2 Debian, Python | 2 Debian Linux, Pillow | 2024-08-06 | N/A |
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. | ||||
CVE-2016-9104 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2024-08-06 | 4.4 Medium |
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access. | ||||
CVE-2016-9063 | 3 Debian, Mozilla, Python | 3 Debian Linux, Firefox, Python | 2024-08-06 | 9.8 Critical |
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50. | ||||
CVE-2016-9106 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2024-08-06 | 6.0 Medium |
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | ||||
CVE-2016-9103 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-06 | 6.0 Medium |
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them. | ||||
CVE-2016-9131 | 4 Debian, Isc, Netapp and 1 more | 14 Debian Linux, Bind, Data Ontap Edge and 11 more | 2024-08-06 | 7.5 High |
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. | ||||
CVE-2016-9105 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2024-08-06 | 6.0 Medium |
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | ||||
CVE-2016-9119 | 3 Canonical, Debian, Moinmo | 3 Ubuntu Linux, Debian Linux, Moinmoin | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2016-9102 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-06 | 6.0 Medium |
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number. | ||||
CVE-2016-9079 | 5 Debian, Microsoft, Mozilla and 2 more | 12 Debian Linux, Windows, Firefox and 9 more | 2024-08-06 | N/A |
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1. | ||||
CVE-2016-9101 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2024-08-06 | 6.0 Medium |
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. | ||||
CVE-2016-9066 | 3 Debian, Mozilla, Redhat | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2024-08-06 | N/A |
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | ||||
CVE-2016-9074 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-08-06 | N/A |
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. |