Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-08-30 | CVE-2017-13777 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | Debian_linux, Graphicsmagick | 6.5 | ||
| 2017-08-30 | CVE-2017-13776 | GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. | Debian_linux, Graphicsmagick | 6.5 | ||
| 2015-11-06 | CVE-2015-7697 | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. | Ubuntu_linux, Debian_linux, Unzip | N/A | ||
| 2015-11-06 | CVE-2015-7696 | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value. | Ubuntu_linux, Debian_linux, Unzip | N/A | ||
| 2015-02-06 | CVE-2014-9636 | unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. | Ubuntu_linux, Debian_linux, Fedora, Unzip | N/A | ||
| 2019-11-21 | CVE-2014-0083 | The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. | Debian_linux, Net\-Ldap | N/A | ||
| 2008-09-18 | CVE-2008-4098 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | Ubuntu_linux, Debian_linux, Mysql, Mysql | N/A | ||
| 2008-05-05 | CVE-2008-2079 | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | Ubuntu_linux, Debian_linux, Mysql, Mysql | N/A | ||
| 2008-01-10 | CVE-2008-0226 | Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | Mac_os_x, Ubuntu_linux, Debian_linux, Mysql, Mysql, Yassl | N/A | ||
| 2004-11-03 | CVE-2004-0836 | Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | Debian_linux, Mysql | N/A |