VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2017-9503MedJun 16, 2017
    risk 0.36cvss 5.5epss 0.00

    QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.

  • CVE-2017-9375MedJun 16, 2017
    risk 0.36cvss 5.5epss 0.00

    QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.

  • CVE-2017-9373MedJun 16, 2017
    risk 0.36cvss 5.5epss 0.00

    Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.

  • CVE-2017-9330MedJun 8, 2017
    risk 0.36cvss 5.6epss 0.00

    QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.

  • CVE-2017-9310MedJun 8, 2017
    risk 0.36cvss 5.6epss 0.00

    QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated…

  • CVE-2017-8314MedMay 23, 2017
    risk 0.36cvss 5.5epss 0.02

    Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.

  • CVE-2017-8312MedMay 23, 2017
    risk 0.36cvss 5.5epss 0.01

    Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.

  • CVE-2017-8925MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.00

    The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

  • CVE-2017-8846MedMay 8, 2017
    risk 0.36cvss 5.5epss 0.02

    The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.

  • CVE-2017-7718MedApr 20, 2017
    risk 0.36cvss 5.5epss 0.01

    hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_…

  • CVE-2017-7697MedApr 11, 2017
    risk 0.36cvss 5.5epss 0.01

    In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file.

  • CVE-2016-5322MedApr 11, 2017
    risk 0.36cvss 5.5epss 0.02

    The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

  • CVE-2017-7613MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.

  • CVE-2017-7612MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-7611MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-7610MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-7608MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-5973MedMar 27, 2017
    risk 0.36cvss 5.5epss 0.00

    The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

  • CVE-2016-9556MedMar 23, 2017
    risk 0.36cvss 5.5epss 0.02

    The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.

  • CVE-2017-6836MedMar 20, 2017
    risk 0.36cvss 5.5epss 0.03

    Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file.

Page 78 of 151