Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8867 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-7051 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings. | ||||
CVE-2018-7053 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order. | ||||
CVE-2018-7054 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191. | ||||
CVE-2018-7052 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur. | ||||
CVE-2018-7033 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2024-08-05 | N/A |
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. | ||||
CVE-2018-7050 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | ||||
CVE-2018-6927 | 4 Canonical, Debian, Linux and 1 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-08-05 | N/A |
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | ||||
CVE-2018-6913 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Perl | 2024-08-05 | N/A |
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | ||||
CVE-2018-6914 | 4 Canonical, Debian, Redhat and 1 more | 5 Ubuntu Linux, Debian Linux, Enterprise Linux and 2 more | 2024-08-05 | N/A |
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument. | ||||
CVE-2018-6869 | 3 Canonical, Debian, Zziplib Project | 3 Ubuntu Linux, Debian Linux, Zziplib | 2024-08-05 | N/A |
In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | ||||
CVE-2018-6871 | 4 Canonical, Debian, Libreoffice and 1 more | 10 Ubuntu Linux, Debian Linux, Libreoffice and 7 more | 2024-08-05 | N/A |
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | ||||
CVE-2018-6799 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-08-05 | N/A |
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. | ||||
CVE-2018-6798 | 4 Canonical, Debian, Perl and 1 more | 6 Ubuntu Linux, Debian Linux, Perl and 3 more | 2024-08-05 | N/A |
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. | ||||
CVE-2018-6797 | 4 Canonical, Debian, Perl and 1 more | 6 Ubuntu Linux, Debian Linux, Perl and 3 more | 2024-08-05 | N/A |
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. | ||||
CVE-2018-6764 | 3 Canonical, Debian, Redhat | 8 Ubuntu Linux, Debian Linux, Enterprise Linux and 5 more | 2024-08-05 | N/A |
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | ||||
CVE-2018-6794 | 2 Debian, Suricata-ids | 2 Debian Linux, Suricata | 2024-08-05 | N/A |
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web browser or Linux CLI utilities, but ignored by Suricata IDS signatures. This mostly affects IDS signatures for the HTTP protocol and TCP stream content; signatures for TCP packets will inspect such network traffic as usual. | ||||
CVE-2018-6791 | 2 Debian, Kde | 2 Debian Linux, Plasma-workspace | 2024-08-05 | N/A |
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. | ||||
CVE-2018-6789 | 3 Canonical, Debian, Exim | 3 Ubuntu Linux, Debian Linux, Exim | 2024-08-05 | 9.8 Critical |
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. | ||||
CVE-2018-6767 | 3 Canonical, Debian, Wavpack | 3 Ubuntu Linux, Debian Linux, Wavpack | 2024-08-05 | N/A |
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file. | ||||
CVE-2018-6616 | 5 Canonical, Debian, Oracle and 2 more | 5 Ubuntu Linux, Debian Linux, Georaster and 2 more | 2024-08-05 | 5.5 Medium |
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |