VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2015-2151Mar 12, 2015
    risk 0.00cvss epss 0.01

    The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via…

  • CVE-2015-2045Mar 12, 2015
    risk 0.00cvss epss 0.00

    The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

  • CVE-2015-1165Mar 9, 2015
    risk 0.00cvss epss 0.02

    RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

  • CVE-2014-9472Mar 9, 2015
    risk 0.00cvss epss 0.03

    The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

  • CVE-2015-2191Mar 8, 2015
    risk 0.00cvss epss 0.04

    Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.

  • CVE-2015-2189Mar 8, 2015
    risk 0.00cvss epss 0.05

    Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface…

  • CVE-2015-2188Mar 8, 2015
    risk 0.00cvss epss 0.04

    epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet…

  • CVE-2015-0239Mar 2, 2015
    risk 0.00cvss epss 0.01

    The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment…

  • CVE-2014-9644Mar 2, 2015
    risk 0.00cvss epss 0.01

    The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different…

  • CVE-2014-8160Mar 2, 2015
    risk 0.00cvss epss 0.05

    net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions…

  • CVE-2013-7421Mar 2, 2015
    risk 0.00cvss epss 0.01

    The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

  • CVE-2015-0885Feb 28, 2015
    risk 0.00cvss epss 0.02

    checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

  • CVE-2015-1414Feb 27, 2015
    risk 0.00cvss epss 0.04

    Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.

  • CVE-2015-1572Feb 24, 2015
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2015-2047Feb 23, 2015
    risk 0.00cvss epss 0.02

    The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authentication via a password that is casted to an empty value.

  • CVE-2015-0247Feb 17, 2015
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

  • CVE-2014-9675Feb 8, 2015
    risk 0.00cvss epss 0.04

    bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

  • CVE-2014-9673Feb 8, 2015
    risk 0.00cvss epss 0.03

    Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

  • CVE-2014-9672Feb 8, 2015
    risk 0.00cvss epss 0.05

    Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

  • CVE-2014-9671Feb 8, 2015
    risk 0.00cvss epss 0.03

    Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.

Page 116 of 151