Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-03-30 | CVE-2014-9653 | Improper Input Validation vulnerability in multiple products readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. | 7.5 |
| 2015-03-24 | CVE-2015-2155 | Denial of Service vulnerability in tcpdump The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 7.5 |
| 2015-03-20 | CVE-2015-1804 | Numeric Errors vulnerability in X Libxfont The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file. | 8.5 |
| 2015-03-20 | CVE-2015-1803 | Local Denial of Service vulnerability in X.Org libXfont 'bitmap/bdfread.c' The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file. | 8.5 |
| 2015-03-20 | CVE-2015-1802 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X Libxfont The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file. | 8.5 |
| 2015-03-12 | CVE-2015-2151 | Permissions, Privileges, and Access Controls vulnerability in multiple products The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors. | 7.2 |
| 2015-03-09 | CVE-2014-9472 | Resource Management Errors vulnerability in multiple products The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email. | 7.1 |
| 2015-02-27 | CVE-2015-1414 | Remote Denial of Service vulnerability in FreeBSD Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. | 7.8 |
| 2015-02-19 | CVE-2015-1592 | Injection vulnerability in multiple products Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors. | 7.5 |
| 2015-02-08 | CVE-2014-9663 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table. | 7.5 |