Lucene search

K
DebianDebian Linux

5 matches found

CVE
CVE
added 2013/12/23 10:55 p.m.74 views

CVE-2013-6422

The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM...

4CVSS6.8AI score0.00344EPSS
CVE
CVE
added 2013/12/09 4:36 p.m.68 views

CVE-2013-7020

The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.

6.8CVSS7.3AI score0.01472EPSS
CVE
CVE
added 2013/12/07 8:55 p.m.56 views

CVE-2013-6410

nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.

7.5CVSS6.2AI score0.0032EPSS
CVE
CVE
added 2013/12/07 9:55 p.m.46 views

CVE-2013-0858

The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels.

9.3CVSS6.7AI score0.01154EPSS
CVE
CVE
added 2013/12/23 10:55 p.m.45 views

CVE-2013-6890

denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.

5CVSS6.6AI score0.12964EPSS