U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3,913 matching records.
Displaying matches 3,821 through 3,840.
Vuln ID Summary CVSS Severity
CVE-2017-6306

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6305

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6304

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6303

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6302

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6301

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6300

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6299

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."

Published: February 23, 2017; 11:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-6011

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

Published: February 16, 2017; 6:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-6010

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.

Published: February 16, 2017; 6:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-6009

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool.

Published: February 16, 2017; 6:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-5991

An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-5848

The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.

Published: February 09, 2017; 10:59:01 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-5847

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

Published: February 09, 2017; 10:59:01 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-2148

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

Published: February 09, 2017; 10:59:00 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-2147

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.

Published: February 09, 2017; 10:59:00 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.

Published: January 30, 2017; 5:59:00 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-2518

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Published: January 30, 2017; 4:59:01 PM -0500
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2015-7977

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

Published: January 30, 2017; 4:59:00 PM -0500
V3.1: 5.9 MEDIUM
V2.0: 4.3 MEDIUM