Total
8120 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12495 | 2 Debian, Discount Project | 2 Debian Linux, Discount | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | |||||
CVE-2017-12186 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
CVE-2018-2761 | 6 Canonical, Debian, Mariadb and 3 more | 15 Ubuntu Linux, Debian Linux, Mariadb and 12 more | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | |||||
CVE-2018-9270 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. | |||||
CVE-2018-11319 | 2 Debian, Syntastic Project | 2 Debian Linux, Syntastic | 2024-02-04 | 8.5 HIGH | 7.5 HIGH |
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked. NOTE: exploitation is more difficult after 3.8.0 because filename prediction may be needed. | |||||
CVE-2018-8098 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file. | |||||
CVE-2017-7752 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
CVE-2017-2615 | 5 Citrix, Debian, Qemu and 2 more | 10 Xenserver, Debian Linux, Qemu and 7 more | 2024-02-04 | 9.0 HIGH | 9.1 CRITICAL |
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. | |||||
CVE-2018-12910 | 5 Canonical, Debian, Gnome and 2 more | 9 Ubuntu Linux, Debian Linux, Libsoup and 6 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | |||||
CVE-2016-1000345 | 2 Bouncycastle, Debian | 2 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. | |||||
CVE-2015-5314 | 2 Debian, W1.fi | 2 Debian Linux, Wpa Supplicant | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | |||||
CVE-2017-2826 | 2 Debian, Zabbix | 2 Debian Linux, Zabbix | 2024-02-04 | 4.3 MEDIUM | 3.7 LOW |
An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability. | |||||
CVE-2017-17969 | 2 7-zip, Debian | 3 7-zip, P7zip, Debian Linux | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | |||||
CVE-2018-7187 | 2 Debian, Golang | 2 Debian Linux, Go | 2024-02-04 | 9.3 HIGH | 8.8 HIGH |
The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site. | |||||
CVE-2018-1126 | 5 Canonical, Debian, Procps-ng Project and 2 more | 10 Ubuntu Linux, Debian Linux, Procps-ng and 7 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | |||||
CVE-2017-5462 | 2 Debian, Mozilla | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | |||||
CVE-2018-13405 | 6 Canonical, Debian, F5 and 3 more | 27 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 24 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. | |||||
CVE-2018-1122 | 3 Canonical, Debian, Procps-ng Project | 3 Ubuntu Linux, Debian Linux, Procps-ng | 2024-02-04 | 4.4 MEDIUM | 7.0 HIGH |
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function. | |||||
CVE-2018-10540 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. | |||||
CVE-2016-9602 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. |