1. Home
  2. CVEs with refmap.debian==DSA-427
Max CVSS 7.8 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-5391 7.8
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments
28-12-2022 - 18:07 06-09-2018 - 21:29
CVE-2018-3639 2.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
13-08-2021 - 15:26 22-05-2018 - 12:29
CVE-2018-14432 3.5
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects th
04-08-2021 - 17:15 31-07-2018 - 14:29
CVE-2017-7658 7.5
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a
20-07-2021 - 23:15 26-06-2018 - 17:29
CVE-2017-7657 7.5
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow
20-07-2021 - 23:15 26-06-2018 - 16:29
CVE-2017-7656 5.0
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declare
20-07-2021 - 23:15 26-06-2018 - 15:29
CVE-2018-3640 4.7
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue Sy
24-08-2020 - 17:37 22-05-2018 - 12:29
CVE-2018-3646 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fau
24-08-2020 - 17:37 14-08-2018 - 19:29
CVE-2018-3620 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel an
24-08-2020 - 17:37 14-08-2018 - 19:29
CVE-2018-14354 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscripti
24-08-2020 - 17:37 17-07-2018 - 17:29
CVE-2018-14357 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
24-08-2020 - 17:37 17-07-2018 - 17:29
CVE-2018-14363 5.0
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
21-05-2020 - 01:16 17-07-2018 - 17:29
CVE-2018-14349 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.
20-05-2020 - 01:47 17-07-2018 - 17:29
CVE-2018-14350 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
20-05-2020 - 01:39 17-07-2018 - 17:29
CVE-2018-14351 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
20-05-2020 - 01:33 17-07-2018 - 17:29
CVE-2018-14352 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
20-05-2020 - 01:25 17-07-2018 - 17:29
CVE-2018-14353 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
20-05-2020 - 01:23 17-07-2018 - 17:29
CVE-2018-14355 5.0
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
20-05-2020 - 01:19 17-07-2018 - 17:29
CVE-2018-14356 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
20-05-2020 - 01:07 17-07-2018 - 17:29
CVE-2018-14358 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
20-05-2020 - 00:48 17-07-2018 - 17:29
CVE-2018-14362 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
19-05-2020 - 17:19 17-07-2018 - 17:29
CVE-2018-14361 7.5
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
19-05-2020 - 17:18 17-07-2018 - 17:29
CVE-2018-14360 7.5
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
19-05-2020 - 17:17 17-07-2018 - 17:29
CVE-2018-14359 7.5
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
19-05-2020 - 17:13 17-07-2018 - 17:29
CVE-2018-10919 4.0
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Sa
09-10-2019 - 23:33 22-08-2018 - 17:29
CVE-2018-10858 6.5
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and
26-06-2019 - 08:15 22-08-2018 - 17:29
CVE-2018-14424 4.6
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting
18-10-2018 - 20:21 14-08-2018 - 18:29
CVE-2017-9774 6.5
Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.
18-08-2018 - 10:29 21-06-2017 - 18:29
CVE-2017-9773 4.3
Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.
18-08-2018 - 10:29 21-06-2017 - 18:29
CVE-2017-14650 6.8
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability
18-08-2018 - 10:29 21-09-2017 - 17:29
CVE-2003-0985 7.2
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
03-05-2018 - 01:29 20-01-2004 - 05:00
Back to Top Mark selected
Back to Top