Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2012-10-16 CVE-2012-3158 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
network
low complexity
oracle mariadb debian canonical redhat
7.5
2012-09-14 CVE-2012-3955 Denial of Service vulnerability in ISC DHCP IPv6 Lease Expiration Handling
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
network
isc debian canonical
7.1
2012-06-05 CVE-2012-1185 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image.
7.8
2012-06-05 CVE-2012-0920 Resource Management Errors vulnerability in multiple products
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency."
network
high complexity
dropbear-ssh-project debian CWE-399
7.1
2011-10-10 CVE-2011-2189 Resource Exhaustion vulnerability in multiple products
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
network
low complexity
linux redhat canonical debian CWE-400
7.5
2011-09-23 CVE-2011-2766 Improper Authentication vulnerability in multiple products
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
network
low complexity
fast-cgi-project debian CWE-287
7.5
2011-08-15 CVE-2011-2749 Improper Input Validation vulnerability in multiple products
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
network
low complexity
isc debian canonical CWE-20
7.8
2011-08-15 CVE-2011-2748 Improper Input Validation vulnerability in multiple products
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
network
low complexity
isc canonical debian CWE-20
7.8
2011-07-28 CVE-2011-2688 SQL Injection vulnerability in multiple products
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
network
low complexity
mod-authnz-external-project debian CWE-89
7.5
2011-07-17 CVE-2011-2692 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
network
low complexity
libpng fedoraproject debian canonical CWE-119
8.8