Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-09-09 | CVE-2016-7177 | epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. | Debian_linux, Wireshark | 5.9 | ||
2016-09-09 | CVE-2016-7178 | epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet. | Debian_linux, Wireshark | 5.9 | ||
2016-09-09 | CVE-2016-7179 | Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | Debian_linux, Wireshark | 5.9 | ||
2016-09-09 | CVE-2016-7180 | epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. | Debian_linux, Wireshark | 5.9 | ||
2016-09-21 | CVE-2016-7163 | Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. | Debian_linux, Fedora, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openjpeg | 7.8 | ||
2016-09-22 | CVE-2016-6525 | Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. | Mupdf, Debian_linux | 9.8 | ||
2016-09-25 | CVE-2016-4738 | libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | Iphone_os, Mac_os_x, Tvos, Watchos, Debian_linux | 8.8 | ||
2016-09-25 | CVE-2016-5172 | The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. | Debian_linux, Chrome, Node\.js | 6.5 | ||
2016-09-26 | CVE-2016-6306 | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_mcrp, Icewall_sso, Icewall_sso_agent_option, Node\.js, Suse_linux_enterprise_module_for_web_scripting, Openssl | 5.9 | ||
2016-10-03 | CVE-2016-5180 | Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot. | C\-Ares, C\-Ares, Ubuntu_linux, Debian_linux, Node\.js | 9.8 |