Vulnerabilities > Debian > Debian Linux > 10.0

DATE CVE VULNERABILITY TITLE RISK
2017-10-27 CVE-2017-5116 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google redhat debian CWE-843
8.8
8.8
2017-10-27 CVE-2017-5114 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-119
8.8
8.8
2017-10-27 CVE-2017-5113 Out-of-bounds Write vulnerability in multiple products
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-787
8.8
8.8
2017-10-27 CVE-2017-5111 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2017-09-29 CVE-2017-14864 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14859 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-14 CVE-2017-13725 Out-of-bounds Read vulnerability in multiple products
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
network
low complexity
tcpdump debian CWE-125
7.5
7.5
2017-09-14 CVE-2017-13687 Out-of-bounds Read vulnerability in multiple products
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
network
low complexity
tcpdump debian CWE-125
7.5
7.5
2017-09-14 CVE-2017-13028 Out-of-bounds Read vulnerability in multiple products
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
network
low complexity
tcpdump debian CWE-125
7.5
7.5