Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-03 | CVE-2017-1000501 | Path Traversal vulnerability in multiple products Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | 9.8 |
| 2018-01-03 | CVE-2017-18017 | Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. | 9.8 |
| 2018-01-02 | CVE-2017-1000433 | Improper Authentication vulnerability in multiple products pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. | 8.1 |
| 2018-01-02 | CVE-2017-1000422 | Integer Overflow or Wraparound vulnerability in multiple products Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution | 8.8 |
| 2018-01-02 | CVE-2017-1000421 | Use After Free vulnerability in multiple products Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution | 9.8 |
| 2018-01-02 | CVE-2017-1000456 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. | 8.8 |
| 2018-01-02 | CVE-2017-1000450 | Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. | 8.8 |
| 2018-01-02 | CVE-2017-1000445 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | 6.5 |
| 2017-12-31 | CVE-2017-18005 | NULL Pointer Dereference vulnerability in multiple products Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file. | 5.5 |
| 2017-12-30 | CVE-2017-17997 | NULL Pointer Dereference vulnerability in multiple products In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. | 7.5 |