Lucene search

K
DebianDebian Linux7.0

1248 matches found

CVE
CVE
added 2016/05/16 10:59 a.m.509 views

CVE-2015-4643

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because o...

9.8CVSS8.9AI score0.14561EPSS
CVE
CVE
added 2018/03/09 8:29 p.m.505 views

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a ...

5.3CVSS5.3AI score0.01201EPSS
CVE
CVE
added 2016/03/09 11:59 p.m.502 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

8.6CVSS8.2AI score0.71553EPSS
CVE
CVE
added 2018/03/09 8:29 p.m.501 views

CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1...

5.3CVSS5.7AI score0.01198EPSS
CVE
CVE
added 2018/01/03 6:29 a.m.500 views

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in a...

10CVSS9.5AI score0.38093EPSS
CVE
CVE
added 2017/05/23 9:29 p.m.486 views

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.

5.5CVSS5.3AI score0.0692EPSS
CVE
CVE
added 2017/10/03 1:29 a.m.479 views

CVE-2017-14492

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

9.8CVSS9AI score0.92641EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.461 views

CVE-2018-10548

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

7.5CVSS6.2AI score0.65467EPSS
CVE
CVE
added 2018/03/01 7:29 p.m.455 views

CVE-2018-7584

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.

9.8CVSS8AI score0.81512EPSS
CVE
CVE
added 2018/05/08 6:29 p.m.439 views

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated...

7.8CVSS6.8AI score0.21337EPSS
CVE
CVE
added 2012/09/15 6:55 p.m.427 views

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences...

2.6CVSS4.9AI score0.13867EPSS
CVE
CVE
added 2016/03/09 11:59 p.m.424 views

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interfa...

6.8CVSS7.2AI score0.67839EPSS
CVE
CVE
added 2017/10/24 1:29 a.m.415 views

CVE-2017-12613

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap ...

7.1CVSS7.1AI score0.00216EPSS
CVE
CVE
added 2018/01/16 9:29 a.m.382 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

6.1CVSS7.1AI score0.89192EPSS
CVE
CVE
added 2015/12/15 9:59 p.m.372 views

CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

7.1CVSS6.2AI score0.04812EPSS
CVE
CVE
added 2018/05/23 1:29 p.m.359 views

CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

9.8CVSS7.7AI score0.00302EPSS
CVE
CVE
added 2011/12/25 1:55 a.m.357 views

CVE-2011-4862

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as ...

10CVSS7.3AI score0.92585EPSS
CVE
CVE
added 2018/03/27 9:29 p.m.357 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.5AI score0.20225EPSS
CVE
CVE
added 2015/03/16 10:59 a.m.354 views

CVE-2015-1421

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper ...

10CVSS5.9AI score0.25935EPSS
CVE
CVE
added 2014/07/09 11:7 a.m.351 views

CVE-2014-3515

The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related ...

7.5CVSS8AI score0.60788EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.351 views

CVE-2017-7805

During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointi...

7.5CVSS8AI score0.04831EPSS
CVE
CVE
added 2018/04/03 10:29 p.m.350 views

CVE-2017-17742

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.

5.3CVSS6.8AI score0.00815EPSS
CVE
CVE
added 2018/06/12 4:29 p.m.347 views

CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

5.5CVSS6.3AI score0.0006EPSS
CVE
CVE
added 2018/02/28 8:29 p.m.345 views

CVE-2018-1304

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It ...

5.9CVSS6.7AI score0.03002EPSS
CVE
CVE
added 2012/10/17 12:55 a.m.335 views

CVE-2012-3163

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

9CVSS4.2AI score0.00866EPSS
CVE
CVE
added 2016/10/10 11:0 a.m.330 views

CVE-2016-7117

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

10CVSS9.3AI score0.12777EPSS
CVE
CVE
added 2017/11/17 5:29 a.m.323 views

CVE-2017-1000158

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

9.8CVSS9.7AI score0.02492EPSS
CVE
CVE
added 2014/07/06 11:55 p.m.319 views

CVE-2014-4721

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from pr...

2.6CVSS8.1AI score0.09887EPSS
CVE
CVE
added 2018/02/09 11:29 p.m.317 views

CVE-2018-1000027

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remo...

7.5CVSS7.5AI score0.64759EPSS
CVE
CVE
added 2018/02/23 11:29 p.m.316 views

CVE-2018-1305

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that po...

6.5CVSS6.3AI score0.17655EPSS
CVE
CVE
added 2015/11/18 4:59 p.m.315 views

CVE-2015-8035

The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.

2.6CVSS6.6AI score0.01311EPSS
CVE
CVE
added 2018/05/24 1:29 p.m.315 views

CVE-2018-1000199

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed...

5.5CVSS7AI score0.00331EPSS
CVE
CVE
added 2018/04/03 10:29 p.m.310 views

CVE-2018-8780

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed.

9.1CVSS7.1AI score0.01214EPSS
CVE
CVE
added 2014/03/14 3:55 p.m.309 views

CVE-2014-2324

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

5CVSS9.2AI score0.74389EPSS
CVE
CVE
added 2017/10/14 11:29 p.m.307 views

CVE-2017-12629

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS9.6AI score0.93891EPSS
CVE
CVE
added 2018/04/23 7:29 p.m.305 views

CVE-2018-8781

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

7.8CVSS7.5AI score0.00101EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.303 views

CVE-2018-2562

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...

7.5CVSS6.7AI score0.00355EPSS
CVE
CVE
added 2018/03/16 4:29 p.m.301 views

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

7.2CVSS6.3AI score0.00053EPSS
CVE
CVE
added 2018/05/23 2:29 p.m.301 views

CVE-2018-1122

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

7.3CVSS7.4AI score0.00397EPSS
CVE
CVE
added 2018/01/24 10:29 p.m.300 views

CVE-2018-1000007

libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned...

9.8CVSS8AI score0.03066EPSS
CVE
CVE
added 2018/01/16 9:29 a.m.300 views

CVE-2018-5711

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecrea...

5.5CVSS5.9AI score0.13221EPSS
CVE
CVE
added 2015/07/23 12:59 a.m.299 views

CVE-2015-1283

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a relate...

6.8CVSS8.4AI score0.05699EPSS
CVE
CVE
added 2017/08/07 8:29 p.m.299 views

CVE-2015-7871

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

9.8CVSS9.3AI score0.84001EPSS
CVE
CVE
added 2017/12/11 9:29 p.m.298 views

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

7.4CVSS5.9AI score0.00458EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.298 views

CVE-2018-5146

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

8.8CVSS7AI score0.26243EPSS
CVE
CVE
added 2018/02/09 11:29 p.m.294 views

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server de...

7.5CVSS7.5AI score0.08615EPSS
CVE
CVE
added 2017/10/03 1:29 a.m.293 views

CVE-2017-14494

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

5.9CVSS7.3AI score0.15405EPSS
CVE
CVE
added 2018/05/23 1:29 p.m.293 views

CVE-2018-1124

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution...

7.8CVSS8.3AI score0.0028EPSS
CVE
CVE
added 2011/07/28 6:55 p.m.288 views

CVE-2011-2688

SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.

7.5CVSS8.3AI score0.02343EPSS
CVE
CVE
added 2016/02/17 3:59 p.m.285 views

CVE-2016-0766

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

9CVSS8.6AI score0.00971EPSS
Total number of security vulnerabilities1248