Vulnerabilities > Debian > Debian Linux
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-21 | CVE-2017-18241 | NULL Pointer Dereference vulnerability in Linux Kernel fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | 4.9 |
2018-03-20 | CVE-2018-8828 | Off-by-one Error vulnerability in multiple products A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. | 7.5 |
2018-03-20 | CVE-2018-8822 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code. | 7.8 |
2018-03-18 | CVE-2018-8754 | Out-of-bounds Read vulnerability in multiple products The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. | 5.5 |
2018-03-17 | CVE-2018-8741 | Path Traversal vulnerability in multiple products A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | 8.8 |
2018-03-17 | CVE-2018-8740 | NULL Pointer Dereference vulnerability in multiple products In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. | 7.5 |
2018-03-16 | CVE-2018-1068 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. | 6.7 |
2018-03-15 | CVE-2018-7033 | SQL Injection vulnerability in multiple products SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. | 7.5 |
2018-03-15 | CVE-2017-18238 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 4.3 |
2018-03-15 | CVE-2017-18236 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 4.3 |