Lucene search

K
DebianDebian Linux

117 matches found

CVE
CVE
added 2018/02/08 11:29 p.m.1318 views

CVE-2018-6789

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

9.8CVSS9.6AI score0.84656EPSS
CVE
CVE
added 2018/02/16 5:29 p.m.589 views

CVE-2017-18190

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS serv...

7.5CVSS7.8AI score0.00242EPSS
CVE
CVE
added 2018/02/06 3:29 p.m.403 views

CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

9.8CVSS9.2AI score0.77423EPSS
CVE
CVE
added 2018/02/28 8:29 p.m.347 views

CVE-2018-1304

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It ...

5.9CVSS6.7AI score0.01855EPSS
CVE
CVE
added 2018/02/09 11:29 p.m.330 views

CVE-2018-1000026

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass...

7.7CVSS7.3AI score0.00865EPSS
CVE
CVE
added 2018/02/23 11:29 p.m.318 views

CVE-2018-1305

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that po...

6.5CVSS6.3AI score0.0878EPSS
CVE
CVE
added 2018/02/09 11:29 p.m.317 views

CVE-2018-1000027

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remo...

7.5CVSS7.5AI score0.1069EPSS
CVE
CVE
added 2018/02/26 3:29 p.m.301 views

CVE-2018-7489

FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ...

9.8CVSS9.5AI score0.77423EPSS
CVE
CVE
added 2018/02/09 11:29 p.m.294 views

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server de...

7.5CVSS7.5AI score0.02177EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.270 views

CVE-2017-5130

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

8.8CVSS6.6AI score0.00905EPSS
CVE
CVE
added 2018/02/12 7:29 p.m.261 views

CVE-2018-6927

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

7.8CVSS7AI score0.00084EPSS
CVE
CVE
added 2018/02/16 9:29 p.m.252 views

CVE-2018-1049

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denia...

5.9CVSS5.5AI score0.00764EPSS
CVE
CVE
added 2018/02/06 3:29 p.m.247 views

CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-...

9.8CVSS9.2AI score0.77423EPSS
CVE
CVE
added 2018/02/04 10:29 p.m.233 views

CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

5.5CVSS5.6AI score0.00075EPSS
CVE
CVE
added 2018/02/09 6:29 a.m.232 views

CVE-2018-6871

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

9.8CVSS9.1AI score0.59797EPSS
CVE
CVE
added 2018/02/09 2:29 p.m.226 views

CVE-2018-1053

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of pg_dumpall -g under umask which was in effect when the user invoked pg_upgrade, and not under 0077 whic...

7CVSS6.5AI score0.00053EPSS
CVE
CVE
added 2018/02/03 3:29 p.m.214 views

CVE-2018-6594

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assu...

7.5CVSS7.2AI score0.00639EPSS
CVE
CVE
added 2018/02/26 8:29 p.m.184 views

CVE-2018-7492

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

5.5CVSS5.7AI score0.0008EPSS
CVE
CVE
added 2018/02/19 7:29 p.m.173 views

CVE-2017-7376

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.

10CVSS8.1AI score0.39544EPSS
CVE
CVE
added 2018/02/19 11:29 p.m.168 views

CVE-2018-7254

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.

7.8CVSS6.5AI score0.21314EPSS
CVE
CVE
added 2018/02/19 11:29 p.m.161 views

CVE-2018-7253

The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.

7.8CVSS6.4AI score0.00879EPSS
CVE
CVE
added 2018/02/06 10:29 p.m.155 views

CVE-2018-6767

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.

7.8CVSS6.8AI score0.00879EPSS
CVE
CVE
added 2018/02/24 6:29 a.m.153 views

CVE-2018-7456

A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to pri...

6.5CVSS7.4AI score0.00742EPSS
CVE
CVE
added 2018/02/19 1:29 p.m.150 views

CVE-2018-5379

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code.

9.8CVSS9.5AI score0.15491EPSS
CVE
CVE
added 2018/02/15 10:29 a.m.149 views

CVE-2017-18189

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

7.5CVSS6AI score0.01458EPSS
CVE
CVE
added 2018/02/19 3:29 p.m.138 views

CVE-2018-7225

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packe...

9.8CVSS8.7AI score0.0375EPSS
CVE
CVE
added 2018/02/25 8:29 p.m.137 views

CVE-2018-7480

The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.

7.8CVSS7.5AI score0.00087EPSS
CVE
CVE
added 2018/02/19 7:29 p.m.133 views

CVE-2017-7375

A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not u...

9.8CVSS6.9AI score0.00262EPSS
CVE
CVE
added 2018/02/23 5:29 p.m.125 views

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

7.8CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2018/02/26 10:29 p.m.121 views

CVE-2018-7490

uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

7.5CVSS7.4AI score0.94121EPSS
CVE
CVE
added 2018/02/07 9:29 p.m.120 views

CVE-2018-6574

Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.

7.8CVSS6.8AI score0.33377EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.117 views

CVE-2018-7335

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.

7.5CVSS7.2AI score0.01011EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.114 views

CVE-2018-7336

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.

7.5CVSS7.2AI score0.01008EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.113 views

CVE-2018-7320

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.

7.5CVSS7.3AI score0.007EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.113 views

CVE-2018-7418

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.

7.5CVSS7.3AI score0.01005EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.112 views

CVE-2018-7325

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.

7.5CVSS7.2AI score0.00374EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.111 views

CVE-2018-7419

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.

7.5CVSS7.2AI score0.02017EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.110 views

CVE-2018-7322

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.

7.5CVSS7.3AI score0.00538EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.110 views

CVE-2018-7334

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.

7.5CVSS7.2AI score0.01005EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.110 views

CVE-2018-7420

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.

7.5CVSS7.2AI score0.02017EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.108 views

CVE-2018-7324

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.

7.5CVSS7.2AI score0.00538EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.108 views

CVE-2018-7337

In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.

7.5CVSS7.3AI score0.007EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.105 views

CVE-2018-7323

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.

7.5CVSS7.2AI score0.00538EPSS
CVE
CVE
added 2018/02/22 12:29 a.m.103 views

CVE-2018-7284

A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. Th...

7.5CVSS7.4AI score0.64192EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.103 views

CVE-2018-7417

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.

7.5CVSS7.3AI score0.00401EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.102 views

CVE-2017-5124

Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.

6.1CVSS6.4AI score0.34129EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.102 views

CVE-2018-7331

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.

7.5CVSS7.2AI score0.01301EPSS
CVE
CVE
added 2018/02/28 7:29 a.m.102 views

CVE-2018-7557

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

6.5CVSS6.2AI score0.01074EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.101 views

CVE-2018-7332

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.

7.5CVSS7.2AI score0.00374EPSS
CVE
CVE
added 2018/02/07 5:29 a.m.99 views

CVE-2018-6799

The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.

8.8CVSS7.5AI score0.00818EPSS
Total number of security vulnerabilities117