Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-07 CVE-2016-7424 NULL Pointer Dereference vulnerability in multiple products
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.
local
low complexity
debian libav CWE-476
5.5
2016-10-05 CVE-2016-7909 Infinite Loop vulnerability in multiple products
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.
local
low complexity
qemu debian CWE-835
4.4
2016-10-05 CVE-2016-7908 Infinite Loop vulnerability in multiple products
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
local
low complexity
qemu debian CWE-835
4.4
2016-09-26 CVE-2016-6306 Out-of-bounds Read vulnerability in multiple products
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
network
high complexity
openssl hp novell nodejs debian canonical CWE-125
5.9
2016-09-26 CVE-2016-7142 Permissions, Privileges, and Access Controls vulnerability in multiple products
The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message.
network
high complexity
inspircd debian CWE-264
5.9
2016-09-25 CVE-2016-5172 Information Exposure vulnerability in multiple products
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.
network
low complexity
google nodejs debian CWE-200
6.5
2016-09-20 CVE-2015-8932 Improper Input Validation vulnerability in multiple products
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
local
low complexity
canonical debian suse libarchive CWE-20
5.5
2016-09-20 CVE-2015-8916 NULL Pointer Dereference vulnerability in multiple products
bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.
network
low complexity
canonical debian libarchive CWE-476
6.5
2016-09-09 CVE-2016-7180 Use After Free vulnerability in multiple products
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
network
high complexity
debian wireshark CWE-416
5.9
2016-09-09 CVE-2016-7179 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
network
high complexity
debian wireshark CWE-119
5.9