Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2017-08-10 CVE-2016-6794 When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager.
network
low complexity
apache debian redhat netapp canonical oracle
5.3
5.3
2017-08-10 CVE-2016-5018 In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
network
low complexity
apache netapp canonical debian redhat oracle
critical
 9.1
9.1
2017-08-10 CVE-2016-0762 Information Exposure Through Discrepancy vulnerability in multiple products
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist.
network
high complexity
apache canonical debian redhat netapp oracle CWE-203
5.9
5.9
2017-08-09 CVE-2015-3405 Insufficient Entropy vulnerability in multiple products
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. 		7.5
7.5
2017-08-08 CVE-2017-3653 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian redhat mariadb
3.1
3.1
2017-08-08 CVE-2017-3652 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian
4.2
4.2
2017-08-08 CVE-2017-3651 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
low complexity
oracle mariadb debian redhat
4.3
4.3
2017-08-08 CVE-2017-3648 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets).
network
high complexity
oracle debian
4.4
4.4
2017-08-08 CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian redhat mariadb
4.9
4.9
2017-08-08 CVE-2017-3636 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
local
low complexity
oracle debian redhat mariadb
5.3
5.3