Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-16 | CVE-2015-7504 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. | 8.8 |
| 2017-10-16 | CVE-2016-8734 | Resource Exhaustion vulnerability in multiple products Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. | 6.5 |
| 2017-10-16 | CVE-2017-15372 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-16 | CVE-2017-15371 | Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-16 | CVE-2017-15370 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-14 | CVE-2017-12629 | XXE vulnerability in multiple products Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. | 9.8 |
| 2017-10-11 | CVE-2017-2888 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. | 6.8 |
| 2017-10-11 | CVE-2017-2887 | Out-of-bounds Write vulnerability in multiple products An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. | 6.8 |
| 2017-10-11 | CVE-2017-0903 | Deserialization of Untrusted Data vulnerability in multiple products RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. | 7.5 |
| 2017-10-11 | CVE-2017-15238 | Use After Free vulnerability in multiple products ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. | 8.8 |