Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2017-12937 Out-of-bounds Read vulnerability in multiple products
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
network
low complexity
graphicsmagick debian CWE-125
8.8
8.8
2017-08-18 CVE-2017-12936 Use After Free vulnerability in multiple products
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
network
low complexity
graphicsmagick debian CWE-416
8.8
8.8
2017-08-18 CVE-2017-12935 Out-of-bounds Read vulnerability in multiple products
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
network
low complexity
graphicsmagick debian CWE-125
8.8
8.8
2017-08-16 CVE-2017-7548 PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
network
low complexity
postgresql debian
7.5
7.5
2017-08-16 CVE-2017-7546 Improper Authentication vulnerability in multiple products
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
network
low complexity
postgresql debian CWE-287
critical
 9.8
9.8
2017-08-15 CVE-2017-12864 Integer Overflow or Wraparound vulnerability in multiple products
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow.
network
low complexity
opencv debian CWE-190
8.8
8.8
2017-08-15 CVE-2017-12863 Integer Overflow or Wraparound vulnerability in multiple products
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch.
network
low complexity
opencv debian CWE-190
8.8
8.8
2017-08-15 CVE-2017-12862 Out-of-bounds Write vulnerability in multiple products
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later.
network
low complexity
opencv debian CWE-787
8.8
8.8
2017-08-11 CVE-2016-6796 A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
network
low complexity
apache debian netapp canonical oracle redhat
7.5
7.5
2017-08-10 CVE-2016-6797 Incorrect Authorization vulnerability in multiple products
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application.
network
low complexity
apache oracle debian netapp canonical redhat CWE-863
7.5
7.5