Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-03 CVE-2017-14492 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
network
low complexity
redhat debian canonical thekelleys CWE-119
critical
 9.8
9.8
2017-09-21 CVE-2017-14632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
network
low complexity
xiph-org debian canonical CWE-119
critical
 9.8
9.8
2017-09-14 CVE-2017-13725 Out-of-bounds Read vulnerability in multiple products
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13687 Out-of-bounds Read vulnerability in multiple products
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13028 Out-of-bounds Read vulnerability in multiple products
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13024 Out-of-bounds Read vulnerability in multiple products
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13020 Out-of-bounds Read vulnerability in multiple products
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-13004 Out-of-bounds Read vulnerability in multiple products
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
network
low complexity
tcpdump debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12987 Out-of-bounds Read vulnerability in multiple products
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8
2017-09-14 CVE-2017-12902 Out-of-bounds Read vulnerability in multiple products
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
network
low complexity
tcpdump redhat debian CWE-125
critical
 9.8
9.8