Filtered by vendor Debian
Subscribe
Total
9262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12182 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12181 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12180 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12179 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12178 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12177 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12176 | 2 Debian, X.org | 2 Debian Linux, Xorg-server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | |||||
| CVE-2017-12163 | 3 Debian, Redhat, Samba | 7 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-11-21 | 4.8 MEDIUM | 4.1 MEDIUM |
| An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. | |||||
| CVE-2017-12151 | 4 Debian, Hp, Redhat and 1 more | 8 Debian Linux, Cifs Server, Enterprise Linux and 5 more | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. | |||||
| CVE-2017-12150 | 3 Debian, Redhat, Samba | 7 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | |||||
| CVE-2017-12122 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-12105 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | |||||
| CVE-2017-12104 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | |||||
| CVE-2017-12103 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | |||||
| CVE-2017-12102 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. | |||||
| CVE-2017-12101 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. | |||||
| CVE-2017-12100 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. | |||||
| CVE-2017-12099 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | |||||
| CVE-2017-12086 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. | |||||
| CVE-2017-12082 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to edit an object within a .blend library in their Scene in order to trigger this vulnerability. | |||||