VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2014-9655MedApr 13, 2016
    risk 0.42cvss 6.5epss 0.03

    The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.

  • CVE-2016-3168MedApr 12, 2016
    risk 0.42cvss 6.4epss 0.02

    The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."

  • CVE-2016-2858MedApr 7, 2016
    risk 0.42cvss 6.5epss 0.00

    QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.

  • CVE-2013-7448HigFeb 23, 2016
    risk 0.42cvss 7.5epss 0.04

    Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get.

  • CVE-2016-1523MedFeb 13, 2016
    risk 0.42cvss 6.5epss 0.02

    The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL…

  • CVE-2016-2073MedFeb 12, 2016
    risk 0.42cvss 6.5epss 0.03

    The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.

  • CVE-2015-8783MedFeb 1, 2016
    risk 0.42cvss 6.5epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.

  • CVE-2015-8782MedFeb 1, 2016
    risk 0.42cvss 6.5epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

  • CVE-2015-8781MedFeb 1, 2016
    risk 0.42cvss 6.5epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.

  • CVE-2014-3687HigNov 10, 2014
    risk 0.42cvss 7.5epss 0.09

    The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect…

  • CVE-2014-3673HigNov 10, 2014
    risk 0.42cvss 7.5epss 0.07

    The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

  • CVE-2012-3489MedOct 3, 2012
    risk 0.42cvss 6.5epss 0.03

    The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file…

  • CVE-2012-1798MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.

  • CVE-2012-0260MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

  • CVE-2012-0259MedJun 5, 2012
    risk 0.42cvss 6.5epss 0.02

    The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.

  • CVE-2010-2249MedJun 30, 2010
    risk 0.42cvss 6.5epss 0.03

    Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

  • CVE-2009-2416MedAug 11, 2009
    risk 0.42cvss 6.5epss 0.02

    Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as…

  • CVE-2008-3281MedAug 27, 2008
    risk 0.42cvss 6.5epss 0.03

    libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.

  • CVE-2019-12098HigMay 15, 2019
    risk 0.41cvss 7.4epss 0.02

    In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.

  • CVE-2017-5044MedApr 24, 2017
    risk 0.41cvss 6.3epss 0.02

    Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Page 61 of 151