Vulnerabilities > Debian > Debian Linux
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-29 | CVE-2017-18078 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file. | 7.8 |
2018-01-28 | CVE-2018-6360 | Improper Input Validation vulnerability in multiple products mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. | 6.8 |
2018-01-27 | CVE-2018-6359 | Use After Free vulnerability in multiple products The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | 6.8 |
2018-01-27 | CVE-2018-6358 | Out-of-bounds Write vulnerability in multiple products The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file. | 6.8 |
2018-01-26 | CVE-2017-12380 | NULL Pointer Dereference vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
2018-01-26 | CVE-2017-12379 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. | 10.0 |
2018-01-26 | CVE-2017-12378 | Out-of-bounds Read vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.1 |
2018-01-26 | CVE-2017-12377 | Out-of-bounds Read vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. | 10.0 |
2018-01-26 | CVE-2017-12376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. | 9.3 |
2018-01-26 | CVE-2017-12375 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |