VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2017-15722MedOct 22, 2017
    risk 0.39cvss 5.9epss 0.02

    In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.

  • CVE-2017-10355MedOct 19, 2017
    risk 0.39cvss 5.3epss 0.16

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows…

  • CVE-2017-10135MedAug 8, 2017
    risk 0.39cvss 5.9epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows…

  • CVE-2015-7852MedAug 7, 2017
    risk 0.39cvss 5.9epss 0.12

    ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

  • CVE-2017-11359MedJul 31, 2017
    risk 0.39cvss 5.5epss 0.07

    The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.

  • CVE-2017-11358MedJul 31, 2017
    risk 0.39cvss 5.5epss 0.07

    The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.

  • CVE-2017-11332MedJul 31, 2017
    risk 0.39cvss 5.5epss 0.07

    The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.

  • CVE-2017-11104MedJul 8, 2017
    risk 0.39cvss 5.9epss 0.03

    Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity…

  • CVE-2017-6512MedJun 1, 2017
    risk 0.39cvss 5.9epss 0.02

    Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.

  • CVE-2017-7377MedApr 10, 2017
    risk 0.39cvss 6.0epss 0.00

    The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.

  • CVE-2016-10155MedMar 15, 2017
    risk 0.39cvss 6.0epss 0.00

    Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2016-10165HigFeb 3, 2017
    risk 0.39cvss 7.1epss 0.03

    The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

  • CVE-2016-9963MedFeb 1, 2017
    risk 0.39cvss 5.9epss 0.03

    Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.

  • CVE-2015-7977MedJan 30, 2017
    risk 0.39cvss 5.9epss 0.06

    ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

  • CVE-2016-2373MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability.

  • CVE-2016-2370MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this…

  • CVE-2016-2369MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerability. A malicious server can send a packet starting with a NULL byte…

  • CVE-2016-2367MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger…

  • CVE-2016-2366MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or an attacker who intercepts the network traffic can send invalid data…

  • CVE-2016-2365MedJan 6, 2017
    risk 0.39cvss 5.9epss 0.02

    A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid…

Page 64 of 151