Vulnerabilities > Debian > Debian Linux
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-28 | CVE-2018-7553 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. | 7.5 |
2018-02-28 | CVE-2018-7552 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. | 7.5 |
2018-02-28 | CVE-2018-7551 | Use After Free vulnerability in multiple products There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4. | 7.5 |
2018-02-27 | CVE-2017-7671 | Improper Input Validation vulnerability in multiple products There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. | 7.5 |
2018-02-27 | CVE-2017-5660 | Improper Input Validation vulnerability in multiple products There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. | 8.6 |
2018-02-27 | CVE-2018-7542 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC. | 4.9 |
2018-02-27 | CVE-2018-7541 | An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. | 6.1 |
2018-02-27 | CVE-2018-7540 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | 4.9 |
2018-02-27 | CVE-2018-0489 | Improper Verification of Cryptographic Signature vulnerability in multiple products Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. | 6.4 |
2018-02-26 | CVE-2018-7490 | Path Traversal vulnerability in multiple products uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. | 5.0 |