Vulnerabilities > Debian > Debian Linux > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-27 | CVE-2017-5113 | Out-of-bounds Write vulnerability in multiple products Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2017-10-27 | CVE-2017-5111 | Use After Free vulnerability in multiple products A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. | 8.8 |
| 2017-09-29 | CVE-2017-14864 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14859 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-20 | CVE-2017-14604 | Improper Input Validation vulnerability in multiple products GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. | 6.5 |
| 2017-09-14 | CVE-2017-13725 | Out-of-bounds Read vulnerability in multiple products The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). | 9.8 |
| 2017-09-14 | CVE-2017-13687 | Out-of-bounds Read vulnerability in multiple products The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). | 9.8 |
| 2017-09-14 | CVE-2017-13028 | Out-of-bounds Read vulnerability in multiple products The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). | 9.8 |
| 2017-09-14 | CVE-2017-13024 | Out-of-bounds Read vulnerability in multiple products The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | 9.8 |