CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian » Debian Linux » 8.0 : Security Vulnerabilities Published In 2018

Cpe Name:cpe:/o:debian:debian_linux:8.0
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
801 CVE-2017-2923 119 Exec Code Overflow Mem. Corr. 2018-04-24 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
802 CVE-2017-2885 119 Exec Code Overflow 2018-04-24 2018-06-13
7.5
None Remote Low Not required Partial Partial Partial
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.
803 CVE-2017-2839 20 DoS 2018-04-24 2018-05-25
4.3
None Remote Medium Not required None None Partial
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
804 CVE-2017-2838 20 DoS 2018-04-24 2018-05-25
4.3
None Remote Medium Not required None None Partial
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
805 CVE-2017-2837 20 DoS 2018-04-24 2018-05-25
4.3
None Remote Medium Not required None None Partial
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
806 CVE-2017-2836 295 DoS 2018-04-24 2018-05-25
4.3
None Remote Medium Not required None None Partial
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
807 CVE-2017-2835 787 Exec Code 2018-04-24 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability.
808 CVE-2017-2834 787 Exec Code 2018-04-24 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability.
809 CVE-2017-2825 2018-04-20 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.
810 CVE-2017-2669 20 DoS 2018-06-21 2019-10-09
5.0
None Remote Low Not required None None Partial
Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through var_expand() to perform %variable expansion. Sending specially crafted %variable fields could result in excessive memory usage causing the process to crash (and restart), or excessive CPU usage causing all authentications to hang.
811 CVE-2017-2640 787 Exec Code 2018-07-27 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
812 CVE-2017-2619 362 2018-03-12 2019-10-09
6.0
None Remote Medium Single system Partial Partial Partial
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
813 CVE-2017-2618 682 2018-07-27 2019-10-09
4.9
None Local Low Not required None None Complete
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
814 CVE-2017-2616 362 2018-07-27 2019-10-09
4.7
None Local Medium Not required None None Complete
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
815 CVE-2017-0358 269 2018-04-13 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.
816 CVE-2017-0356 287 Bypass 2018-04-13 2018-05-18
7.5
None Remote Low Not required Partial Partial Partial
A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters.
817 CVE-2016-1000346 320 2018-06-04 2018-11-28
4.3
None Remote Medium Not required Partial None None
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.
818 CVE-2016-1000345 361 2018-06-04 2018-11-28
4.3
None Remote Medium Not required Partial None None
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding.
819 CVE-2016-1000343 310 2018-06-04 2018-11-28
5.0
None Remote Low Not required Partial None None
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.
820 CVE-2016-1000342 347 2018-06-04 2018-11-28
5.0
None Remote Low Not required None Partial None
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
821 CVE-2016-1000341 361 2018-06-04 2018-11-28
4.3
None Remote Medium Not required Partial None None
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.
822 CVE-2016-1000339 310 +Info 2018-06-04 2018-11-28
5.0
None Remote Low Not required Partial None None
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate.
823 CVE-2016-10729 77 2018-10-24 2019-01-09
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.
824 CVE-2016-10708 476 DoS 2018-01-21 2019-06-26
5.0
None Remote Low Not required None None Partial
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
825 CVE-2016-10538 362 2018-05-31 2019-10-09
4.9
None Remote Medium Single system None Partial Partial
The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.
826 CVE-2016-9905 284 2018-06-11 2018-08-09
6.8
None Remote Medium Not required Partial Partial Partial
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
827 CVE-2016-9904 200 +Info 2018-06-11 2018-08-01
5.0
None Remote Low Not required Partial None None
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
828 CVE-2016-9897 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
5.0
None Remote Low Not required None None Partial
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
829 CVE-2016-9646 287 2018-04-13 2018-05-18
5.0
None Remote Low Not required None Partial None
ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery.
830 CVE-2016-9602 59 2018-04-26 2019-10-09
9.0
None Remote Low Single system Complete Complete Complete
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.
831 CVE-2016-9601 119 Overflow 2018-04-23 2019-10-09
4.3
None Remote Medium Not required None None Partial
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
832 CVE-2016-9597 119 DoS Overflow 2018-07-30 2019-10-09
5.0
None Remote Low Not required None None Partial
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
833 CVE-2016-9591 416 2018-03-09 2019-10-09
4.3
None Remote Medium Not required None None Partial
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
834 CVE-2016-9578 20 2018-07-27 2019-10-09
5.0
None Remote Low Not required None None Partial
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
835 CVE-2016-9577 119 Exec Code Overflow 2018-07-27 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
836 CVE-2016-9573 125 2018-08-01 2019-10-09
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.
837 CVE-2016-9572 476 2018-08-01 2019-07-17
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.
838 CVE-2016-9074 200 +Info 2018-06-11 2018-08-09
4.3
None Remote Medium Not required Partial None None
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
839 CVE-2016-9066 119 Overflow 2018-06-11 2018-07-30
5.0
None Remote Low Not required None None Partial
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
840 CVE-2016-9063 190 Overflow 2018-06-11 2018-07-30
7.5
None Remote Low Not required Partial Partial Partial
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
841 CVE-2016-8654 119 Overflow 2018-08-01 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
842 CVE-2016-7074 20 2018-09-11 2019-10-09
4.3
None Remote Medium Not required None Partial None
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading to the possibility of parsing records that are not covered by the TSIG signature.
843 CVE-2016-7073 20 2018-09-11 2019-10-09
4.3
None Remote Medium Not required None Partial None
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack.
844 CVE-2016-7072 400 DoS 2018-09-10 2019-10-09
5.0
None Remote Low Not required None None Partial
An issue has been found in PowerDNS Authoritative Server before 3.4.11 and 4.0.2 allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number of TCP connections to the web server. If the web server runs out of file descriptors, it triggers an exception and terminates the whole PowerDNS process. While it's more complicated for an unauthorized attacker to make the web server run out of file descriptors since its connection will be closed just after being accepted, it might still be possible.
845 CVE-2016-7068 400 DoS 2018-09-11 2019-10-09
7.8
None Remote Low Not required None None Complete
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour.
846 CVE-2016-7056 320 2018-09-10 2019-10-09
2.1
None Local Low Not required Partial None None
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
847 CVE-2016-5314 787 DoS Overflow 2018-03-11 2018-04-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
848 CVE-2016-5297 190 Overflow 2018-06-11 2018-07-30
7.5
None Remote Low Not required Partial Partial Partial
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
849 CVE-2016-5296 119 Overflow 2018-06-11 2018-07-30
5.0
None Remote Low Not required None None Partial
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
850 CVE-2016-5293 20 2018-06-11 2018-07-30
2.1
None Local Low Not required None Partial None
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
Total number of vulnerabilities : 862   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 (This Page)18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.