Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-21	CVE-2017-18241	NULL Pointer Dereference vulnerability in Linux Kernel fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. local low complexity linux debian canonical CWE-476	4.9
2018-03-20	CVE-2018-8828	Off-by-one Error vulnerability in multiple products A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. network low complexity kamailio debian CWE-193	7.5
2018-03-20	CVE-2018-8822	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code. local low complexity linux canonical debian CWE-119	7.8
2018-03-18	CVE-2018-8754	Out-of-bounds Read vulnerability in multiple products The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. local low complexity libevt-project debian CWE-125	5.5
2018-03-17	CVE-2018-8741	Path Traversal vulnerability in multiple products A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. network low complexity squirrelmail debian CWE-22	8.8
2018-03-17	CVE-2018-8740	NULL Pointer Dereference vulnerability in multiple products In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. network low complexity sqlite debian CWE-476	7.5
2018-03-16	CVE-2018-1068	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. local low complexity linux canonical debian redhat CWE-787	6.7
2018-03-15	CVE-2018-7033	SQL Injection vulnerability in multiple products SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. network low complexity schedmd debian CWE-89	7.5
2018-03-15	CVE-2017-18238	Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. network exempi-project debian CWE-835	4.3
2018-03-15	CVE-2017-18236	Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. network exempi-project debian canonical CWE-835	4.3