Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-13 | CVE-2014-9764 | Improper Input Validation vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file. | 7.5 |
| 2016-05-13 | CVE-2014-9763 | Numeric Errors vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file. | 7.5 |
| 2016-05-13 | CVE-2014-9762 | Improper Input Validation vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap. | 7.5 |
| 2016-05-13 | CVE-2011-5326 | Numeric Errors vulnerability in multiple products imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse. | 7.5 |
| 2016-05-13 | CVE-2016-2849 | Information Exposure vulnerability in multiple products Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack. | 7.5 |
| 2016-05-13 | CVE-2016-2195 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow. | 9.8 |
| 2016-05-13 | CVE-2016-2194 | Improper Input Validation vulnerability in multiple products The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus. | 7.5 |
| 2016-05-13 | CVE-2015-7827 | Information Exposure vulnerability in multiple products Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding. | 7.5 |
| 2016-05-13 | CVE-2015-5727 | Resource Management Errors vulnerability in multiple products The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field. | 7.5 |
| 2016-05-13 | CVE-2015-5726 | Improper Input Validation vulnerability in multiple products The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data. | 7.5 |