The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Linux

stunnel: vulnerability of SSL Session Reuse
An attacker can act as a Man-in-the-Middle with stunnel, in order to obtain sensitive information...
CVE-2015-3644, DSA-3299-1, VIGILANCE-VUL-16463
Qemu: infinite loop of PRDT
A local attacker can generate an infinite loop with PRDT data in Qemu, in order to trigger a denial of service...
CVE-2014-9718, DSA-3259-1, openSUSE-SU-2016:0914-1, openSUSE-SU-2016:0995-1, SUSE-SU-2016:0873-1, SUSE-SU-2016:0955-1, SUSE-SU-2016:1318-1, SUSE-SU-2016:1560-1, SUSE-SU-2016:1698-1, SUSE-SU-2016:1703-1, SUSE-SU-2016:1745-1, SUSE-SU-2016:1785-1, USN-2724-1, VIGILANCE-VUL-16454
Qemu: denial of service via websocket
A remote attacker can use the VNC websocket of Qemu, in order to trigger a denial of service...
CVE-2015-1779, DSA-3259-1, FEDORA-2015-5482, MDVSA-2015:210, openSUSE-SU-2016:0914-1, openSUSE-SU-2016:0995-1, RHSA-2015:1943-01, SUSE-SU-2015:0870-1, SUSE-SU-2015:0896-1, SUSE-SU-2016:0873-1, SUSE-SU-2016:0955-1, SUSE-SU-2016:1318-1, VIGILANCE-VUL-16453
libgd, PHP: unreachable memory reading via gd_gif_in.c
An attacker can force a read at an invalid address in gd_gif_in.c of libgd or PHP, in order to trigger a denial of service...
68601, c04686230, CVE-2014-9709, DSA-3215-1, HPSBUX03337, MDVSA-2015:153, openSUSE-SU-2015:0637-1, openSUSE-SU-2015:0644-1, RHSA-2015:1053-01, RHSA-2015:1066-01, RHSA-2015:1135-01, RHSA-2015:1218-01, SOL17127, SSA:2015-111-10, SSRT102066, SUSE-SU-2015:0868-1, SUSE-SU-2016:1638-1, USN-2987-1, VIGILANCE-VUL-16449
GnuTLS: incoherence of signature algorithms
An attacker can use an incoherent X.509 certificate with an application linked with GnuTLS, in order to weaken the security level...
CVE-2015-0294, DSA-3191-1, K54022413, openSUSE-SU-2015:0622-1, RHSA-2015:1457-01, USN-2540-1, VIGILANCE-VUL-16448
GnuTLS: forgery of RSA PKCS #1 signature
An attacker can for example use MD5 to sign RSA PKCS #1 data of an application linked to GnuTLS, in order to more easily create a forged signature...
CERTFR-2015-AVI-180, CVE-2015-0282, DSA-3191-1, GNUTLS-SA-2015-1, RHSA-2015:1457-01, SOL17327, USN-2540-1, VIGILANCE-VUL-16447
Varnish: cache poisoning via CR
An attacker can use special HTTP headers with Varnish, in order to read or alter cache data...
CVE-2015-8852, DSA-3553-1, openSUSE-SU-2016:1316-1, VIGILANCE-VUL-16444
Firefox, SeaMonkey: read-write access via JIT
An attacker can bypass access restrictions of JIT in Firefox or SeaMonkey, in order to read or alter the memory, to execute code...
CERTFR-2015-AVI-119, CVE-2015-0817, DSA-3201-1, FEDORA-2015-4148, FEDORA-2015-4402, FEDORA-2015-4879, FEDORA-2015-4961, MFSA-2015-29, openSUSE-SU-2015:0567-1, openSUSE-SU-2015:0607-1, openSUSE-SU-2015:0636-1, RHSA-2015:0718-01, SSA:2015-111-14, SUSE-SU-2015:0593-1, SUSE-SU-2015:0593-2, SUSE-SU-2015:0630-1, USN-2538-1, VIGILANCE-VUL-16437, ZDI-15-109
Shibboleth Service Provider: unreachable memory reading via SAML
An authenticated attacker can force a read at an invalid address via SAML of Shibboleth Service Provider, in order to trigger a denial of service...
CVE-2015-2684, DSA-3207-1, VIGILANCE-VUL-16433
OpenSSL 0.9/1.0.0/1.0.1: five vulnerabilities
An attacker can use several vulnerabilities of OpenSSL 0.9/1.0.0/1.0.1...
1701334, 1902519, 1960491, 1964410, 1975397, 55767, 7043086, 9010031, ARUBA-PSA-2015-007, bulletinapr2015, c04679334, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2015-AVI-169, CERTFR-2015-AVI-177, CERTFR-2015-AVI-259, CERTFR-2016-AVI-303, cisco-sa-20150320-openssl, cisco-sa-20150408-ntpd, cpuapr2017, cpuoct2016, cpuoct2017, CTX216642, CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293, DSA-2020-062, DSA-3197-1, DSA-3197-2, FEDORA-2015-4300, FEDORA-2015-4303, FG-IR-15-008, FreeBSD-SA-15:06.openssl, HPSBUX03334, JSA10680, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-007, NTAP-20150323-0002, openSUSE-SU-2015:0554-1, openSUSE-SU-2015:1277-1, openSUSE-SU-2015:2243-1, openSUSE-SU-2016:0638-1, openSUSE-SU-2016:0640-1, RHSA-2015:0715-01, RHSA-2015:0716-01, RHSA-2015:0752-01, RHSA-2015:0800-01, RHSA-2016:0372-01, RHSA-2016:0445-01, RHSA-2016:0446-01, RHSA-2016:0490-01, SA40001, SA92, SB10110, SOL16301, SOL16302, SOL16317, SOL16319, SOL16320, SOL16321, SOL16323, SPL-98351, SPL-98531, SSA:2015-111-09, SSRT102000, SUSE-SU-2015:0541-1, SUSE-SU-2015:0553-1, SUSE-SU-2015:0553-2, SUSE-SU-2015:0578-1, SUSE-SU-2016:0678-1, TNS-2015-04, USN-2537-1, VIGILANCE-VUL-16429
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Linux: