Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-19	CVE-2018-2781	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity debian netapp canonical mariadb oracle redhat	4.0
2018-04-19	CVE-2018-2773	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). local oracle debian canonical	1.9
2018-04-19	CVE-2018-2771	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). network high complexity oracle debian canonical mariadb redhat netapp	4.4
2018-04-19	CVE-2018-2766	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb debian netapp	6.8
2018-04-19	CVE-2018-2761	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). network oracle debian canonical mariadb netapp redhat	4.3
2018-04-19	CVE-2018-2755	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian canonical mariadb netapp redhat	3.7
2018-04-18	CVE-2018-10194	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. local low complexity artifex canonical debian redhat CWE-119	7.8
2018-04-18	CVE-2018-1000164	CRLF Injection vulnerability in multiple products gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. network low complexity gunicorn debian CWE-93	5.0
2018-04-18	CVE-2018-1088	Incorrect Privilege Assignment vulnerability in multiple products A privilege escalation flaw was found in gluster 3.x snapshot scheduler. network high complexity redhat opensuse debian CWE-266	8.1
2018-04-17	CVE-2018-10191	Integer Overflow or Wraparound vulnerability in multiple products In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. network low complexity mruby debian CWE-190	7.5