Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 8.0  Security Vulnerabilities
CVE-2014-9762
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
CVSS Score
7.5
EPSS Score
0.028
Published
2016-05-13
CVE-2011-5326
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
CVSS Score
7.5
EPSS Score
0.011
Published
2016-05-13
CVE-2016-2849
Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-05-13
CVE-2016-2195
Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
CVSS Score
9.8
EPSS Score
0.106
Published
2016-05-13
CVE-2016-2194
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.
CVSS Score
7.5
EPSS Score
0.017
Published
2016-05-13
CVE-2015-7827
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-05-13
CVE-2015-5727
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-05-13
CVE-2015-5726
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
CVSS Score
7.5
EPSS Score
0.009
Published
2016-05-13
CVE-2016-3712
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-05-11
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
CVSS Score
8.8
EPSS Score
0.001
Published
2016-05-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved