Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2017-12082 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. | 7.8 |
| 2018-04-24 | CVE-2017-12081 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. | 7.8 |
| 2018-04-24 | CVE-2017-7651 | Resource Exhaustion vulnerability in multiple products In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. | 5.0 |
| 2018-04-24 | CVE-2018-10323 | NULL Pointer Dereference vulnerability in multiple products The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. | 4.9 |
| 2018-04-24 | CVE-2016-9601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. | 5.5 |
| 2018-04-23 | CVE-2018-1106 | Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. | 2.1 |
| 2018-04-23 | CVE-2018-8781 | Integer Overflow or Wraparound vulnerability in multiple products The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. | 7.8 |
| 2018-04-23 | CVE-2017-17833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. | 7.5 |
| 2018-04-22 | CVE-2018-10289 | Infinite Loop vulnerability in multiple products In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. | 4.3 |
| 2018-04-20 | CVE-2017-2825 | Man in the Middle Security Bypass vulnerability in Zabbix Proxy Server In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. | 6.8 |