Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-04 CVE-2017-12166 Out-of-bounds Write vulnerability in multiple products
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
network
low complexity
openvpn debian CWE-787
critical
9.8
2017-10-03 CVE-2017-14493 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
network
low complexity
redhat debian canonical opensuse thekelleys CWE-119
critical
9.8
2017-10-03 CVE-2017-14492 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
network
low complexity
redhat debian canonical thekelleys CWE-119
critical
9.8
2017-09-21 CVE-2017-14632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
network
low complexity
xiph-org debian canonical CWE-119
critical
9.8
2017-09-14 CVE-2017-13725 Out-of-bounds Read vulnerability in multiple products
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
network
low complexity
tcpdump debian CWE-125
critical
9.8
2017-09-14 CVE-2017-13687 Out-of-bounds Read vulnerability in multiple products
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
network
low complexity
tcpdump debian CWE-125
critical
9.8
2017-09-14 CVE-2017-13028 Out-of-bounds Read vulnerability in multiple products
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
network
low complexity
tcpdump debian CWE-125
critical
9.8
2017-09-14 CVE-2017-13024 Out-of-bounds Read vulnerability in multiple products
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
network
low complexity
tcpdump debian CWE-125
critical
9.8
2017-09-14 CVE-2017-13020 Out-of-bounds Read vulnerability in multiple products
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
network
low complexity
tcpdump debian CWE-125
critical
9.8
2017-09-14 CVE-2017-13004 Out-of-bounds Read vulnerability in multiple products
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
network
low complexity
tcpdump debian CWE-125
critical
9.8