Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Debian Linux
Total 8852 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-6649 3 Debian, Google, Opensuse 3 Debian Linux, Chrome, Opensuse 2018-10-30 7.5 HIGH N/A
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.
CVE-2013-3559 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
CVE-2013-4076 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-4077 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.
CVE-2013-4082 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.
CVE-2013-2488 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
CVE-2013-2487 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 7.8 HIGH N/A
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
CVE-2013-3561 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 7.8 HIGH N/A
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-4081 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
CVE-2013-2485 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 6.1 MEDIUM N/A
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
CVE-2013-4078 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-2483 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 3.3 LOW N/A
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.
CVE-2013-3556 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3562 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-2480 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 3.3 LOW N/A
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-4074 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-2064 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2018-10-30 6.8 MEDIUM N/A
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
CVE-2013-2481 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 2.9 LOW N/A
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
CVE-2013-4075 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-3560 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2018-10-30 5.0 MEDIUM N/A
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.