Total
9113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1000339 | 2 Bouncycastle, Debian | 2 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | |||||
| CVE-2016-1000236 | 2 Cookie-signature Project, Debian | 2 Cookie-signature, Debian Linux | 2024-11-21 | 3.5 LOW | 4.4 MEDIUM |
| Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. | |||||
| CVE-2016-1000110 | 3 Debian, Fedoraproject, Python | 3 Debian Linux, Fedora, Python | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | |||||
| CVE-2016-1000108 | 2 Debian, Yaws | 2 Debian Linux, Yaws | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | |||||
| CVE-2016-1000002 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Gnome Display Manager, Leap and 1 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| gdm3 3.14.2 and possibly later has an information leak before screen lock | |||||
| CVE-2015-9542 | 3 Canonical, Debian, Freeradius | 3 Ubuntu Linux, Debian Linux, Pam Radius | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors. | |||||
| CVE-2015-9383 | 3 Canonical, Debian, Freetype | 3 Ubuntu Linux, Debian Linux, Freetype | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. | |||||
| CVE-2015-9382 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. | |||||
| CVE-2015-9381 | 2 Debian, Freetype | 2 Debian Linux, Freetype | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. | |||||
| CVE-2015-9268 | 2 Debian, Nullsoft | 2 Debian Linux, Nullsoft Scriptable Install System | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime. | |||||
| CVE-2015-9267 | 2 Debian, Nullsoft | 2 Debian Linux, Nullsoft Scriptable Install System | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program. | |||||
| CVE-2015-9262 | 4 Canonical, Debian, Redhat and 1 more | 7 Ubuntu Linux, Debian Linux, Ansible Tower and 4 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. | |||||
| CVE-2015-9261 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. | |||||
| CVE-2015-8313 | 2 Debian, Gnu | 2 Debian Linux, Gnutls | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| GnuTLS incorrectly validates the first byte of padding in CBC modes | |||||
| CVE-2015-8011 | 3 Debian, Fedoraproject, Lldpd Project | 3 Debian Linux, Fedora, Lldpd | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. | |||||
| CVE-2015-7810 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 3.3 LOW | 4.7 MEDIUM |
| libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | |||||
| CVE-2015-7542 | 3 Aquamaniac, Debian, Opensuse | 3 Gwenhywfar, Debian Linux, Leap | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. | |||||
| CVE-2015-5694 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Designate, Enterprise Linux Openstack Platform | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Designate does not enforce the DNS protocol limit concerning record set sizes | |||||
| CVE-2015-5316 | 2 Debian, W1.fi | 2 Debian Linux, Wpa Supplicant | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange. | |||||
| CVE-2015-5315 | 2 Debian, W1.fi | 2 Debian Linux, Wpa Supplicant | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | |||||