Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-06 | CVE-2018-5729 | NULL Pointer Dereference vulnerability in multiple products MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. | 4.7 |
| 2018-03-06 | CVE-2018-7730 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-06 | CVE-2018-7728 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-05 | CVE-2018-7711 | Improper Verification of Cryptographic Signature vulnerability in multiple products HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. | 6.8 |
| 2018-03-05 | CVE-2017-18219 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. | 6.5 |
| 2018-03-05 | CVE-2018-0490 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. | 5.0 |
| 2018-03-05 | CVE-2018-1000115 | Resource Exhaustion vulnerability in multiple products Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). | 5.0 |
| 2018-03-02 | CVE-2017-15130 | A denial of service flaw was found in dovecot before 2.2.34. | 4.3 |
| 2018-03-02 | CVE-2017-14461 | Out-of-bounds Read vulnerability in multiple products A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. | 5.5 |
| 2018-03-02 | CVE-2018-1066 | NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. | 7.1 |