Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-29 | CVE-2018-10545 | Information Exposure vulnerability in PHP An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. | 1.9 |
| 2018-04-29 | CVE-2018-10540 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for W64 input. | 5.5 |
| 2018-04-29 | CVE-2018-10539 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. | 5.5 |
| 2018-04-29 | CVE-2018-10538 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for WAV input. | 5.5 |
| 2018-04-29 | CVE-2018-10537 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. | 7.8 |
| 2018-04-29 | CVE-2018-10536 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. | 7.8 |
| 2018-04-27 | CVE-2018-10472 | Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. | 1.9 |
| 2018-04-27 | CVE-2018-10471 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754. | 4.9 |
| 2018-04-26 | CVE-2016-9602 | Link Following vulnerability in multiple products Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. | 8.8 |
| 2018-04-26 | CVE-2018-10393 | Out-of-bounds Read vulnerability in multiple products bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | 5.0 |