CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian » Debian Linux : Security Vulnerabilities (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-16509 264 Exec Code 2018-09-05 2018-12-04
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
2 CVE-2018-15686 502 2018-10-26 2018-12-10
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
3 CVE-2018-7187 20 Exec Code 2018-02-16 2018-10-21
9.3
User Remote Medium Not required Complete Complete Complete
The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site.
4 CVE-2018-5704 134 Exec Code XSS 2018-01-16 2018-02-09
9.3
None Remote Medium Not required Complete Complete Complete
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
5 CVE-2017-18123 20 2018-02-03 2018-07-06
9.3
None Remote Medium Not required Complete Complete Complete
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.
6 CVE-2017-16921 77 Exec Code 2017-12-08 2018-02-03
9.0
None Remote Low Single system Complete Complete Complete
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.
7 CVE-2017-15399 416 2018-08-28 2018-11-07
9.3
None Remote Medium Not required Complete Complete Complete
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8 CVE-2017-14867 20 Exec Code 2017-09-28 2017-10-11
9.0
None Remote Low Single system Complete Complete Complete
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support.
9 CVE-2017-14176 77 Exec Code 2017-11-27 2017-12-20
9.3
None Remote Medium Not required Complete Complete Complete
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
10 CVE-2017-13090 119 Overflow 2017-10-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer.
11 CVE-2017-13089 119 Overflow 2017-10-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument.
12 CVE-2017-12904 943 Exec Code 2017-08-23 2018-08-13
9.3
None Remote Medium Not required Complete Complete Complete
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.
13 CVE-2017-12379 119 DoS Exec Code Overflow 2018-01-26 2018-03-15
10.0
None Remote Low Not required Complete Complete Complete
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device.
14 CVE-2017-12377 119 DoS Exec Code Overflow 2018-01-26 2018-03-15
10.0
None Remote Low Not required Complete Complete Complete
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.
15 CVE-2017-12376 119 DoS Exec Code Overflow 2018-01-26 2018-03-15
9.3
None Remote Medium Not required Complete Complete Complete
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code.
16 CVE-2017-11610 284 Exec Code 2017-08-23 2017-12-01
9.0
None Remote Low Single system Complete Complete Complete
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
17 CVE-2017-7826 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
10.0
None Remote Low Not required Complete Complete Complete
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
18 CVE-2017-7810 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
10.0
None Remote Low Not required Complete Complete Complete
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
19 CVE-2017-7779 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
10.0
None Remote Low Not required Complete Complete Complete
Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
20 CVE-2017-7376 119 Exec Code Overflow 2018-02-19 2018-03-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
21 CVE-2017-5398 119 Overflow Mem. Corr. 2018-06-11 2018-08-01
10.0
None Remote Low Not required Complete Complete Complete
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
22 CVE-2017-2620 125 Exec Code 2018-07-27 2018-09-07
9.0
None Remote Low Single system Complete Complete Complete
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
23 CVE-2017-2615 125 Exec Code 2018-07-02 2018-09-07
9.0
None Remote Low Single system Complete Complete Complete
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
24 CVE-2017-0359 254 2018-04-13 2018-05-18
10.0
None Remote Low Not required Complete Complete Complete
diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.
25 CVE-2016-9603 119 Exec Code Overflow 2018-07-27 2018-09-07
9.0
None Remote Low Single system Complete Complete Complete
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
26 CVE-2016-7117 19 Exec Code 2016-10-10 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
27 CVE-2016-5118 284 Exec Code 2016-06-10 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
28 CVE-2016-4422 287 +Priv Bypass 2016-05-06 2016-05-10
10.0
None Remote Low Not required Complete Complete Complete
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.
29 CVE-2016-3981 119 DoS Exec Code Overflow 2016-04-13 2017-02-19
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
30 CVE-2016-2806 119 DoS Exec Code Overflow Mem. Corr. 2016-04-30 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
31 CVE-2016-2385 119 DoS Exec Code Overflow Mem. Corr. 2016-04-11 2018-10-09
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet.
32 CVE-2016-2195 119 Exec Code Overflow 2016-05-13 2017-06-30
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
33 CVE-2016-1762 119 DoS Overflow 2016-03-23 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
34 CVE-2016-1669 119 DoS Overflow 2016-05-14 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
35 CVE-2016-1659 DoS 2016-04-18 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
36 CVE-2016-1653 119 DoS Overflow 2016-04-18 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc.
37 CVE-2016-1650 DoS 2016-03-29 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.
38 CVE-2016-1649 119 DoS Overflow 2016-03-29 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages.
39 CVE-2016-1648 DoS 2016-03-29 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
40 CVE-2016-1647 DoS 2016-03-29 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
41 CVE-2016-1646 119 DoS Overflow 2016-03-29 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
42 CVE-2016-1629 264 Bypass 2016-02-21 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
43 CVE-2016-1522 119 DoS Exec Code Overflow 2016-02-12 2017-06-30
9.3
None Remote Medium Not required Complete Complete Complete
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.
44 CVE-2016-1244 20 Exec Code 2016-10-03 2018-10-21
9.3
None Remote Medium Not required Complete Complete Complete
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
45 CVE-2016-1235 264 +Priv +Info 2016-04-11 2016-04-14
9.0
None Remote Low Single system Complete Complete Complete
The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors related to OpenSSH options.
46 CVE-2016-0766 264 +Priv 2016-02-17 2017-06-30
9.0
None Remote Low Single system Complete Complete Complete
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
47 CVE-2016-0749 119 DoS Exec Code Overflow 2016-06-09 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
48 CVE-2015-8949 416 2016-08-19 2017-06-30
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
49 CVE-2015-8868 119 DoS Exec Code Overflow Mem. Corr. 2016-05-06 2018-01-04
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
50 CVE-2015-8540 189 2016-04-14 2017-11-03
9.3
None Remote Medium Not required Complete Complete Complete
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
Total number of vulnerabilities : 118   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.