Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-26 | CVE-2017-12374 | Use After Free vulnerability in multiple products The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-01-26 | CVE-2018-5750 | Information Exposure vulnerability in multiple products The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. | 5.5 |
| 2018-01-26 | CVE-2017-18076 | In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the environment of the callback phase. | 7.5 |
| 2018-01-25 | CVE-2018-6315 | Integer Overflow or Wraparound vulnerability in multiple products The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | 8.8 |
| 2018-01-25 | CVE-2017-15132 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. | 7.5 |
| 2018-01-25 | CVE-2018-5748 | Resource Exhaustion vulnerability in multiple products qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. | 7.5 |
| 2018-01-24 | CVE-2018-1000007 | libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. | 9.8 |
| 2018-01-24 | CVE-2018-1000005 | Out-of-bounds Read vulnerability in multiple products libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. | 9.1 |
| 2018-01-24 | CVE-2018-6192 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | 5.5 |
| 2018-01-24 | CVE-2017-12187 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |