Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-18	CVE-2017-11406	Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. network low complexity wireshark debian CWE-835	7.5
2017-07-17	CVE-2017-10978	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. network low complexity freeradius debian redhat CWE-119	7.5
2017-07-17	CVE-2017-11352	In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. network low complexity imagemagick debian canonical	6.5
2017-07-17	CVE-2017-1000363	Out-of-bounds Write vulnerability in multiple products Linux drivers/char/lp.c Out-of-Bounds Write. local low complexity linux debian CWE-787	7.8
2017-07-13	CVE-2017-9788	Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. network low complexity apache debian apple netapp redhat oracle CWE-20 critical	9.1
2017-07-13	CVE-2017-11103	Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. network high complexity heimdal-project freebsd samba apple debian CWE-345	8.1
2017-07-13	CVE-2017-11173	Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. network low complexity rack-cors-project debian	8.8
2017-07-11	CVE-2017-11176	Use After Free vulnerability in multiple products The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. local low complexity linux debian CWE-416	7.8
2017-07-10	CVE-2017-11139	Double Free vulnerability in multiple products GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. network low complexity graphicsmagick debian CWE-415 critical	9.8
2017-07-08	CVE-2017-11107	Cross-site Scripting vulnerability in multiple products phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter. network low complexity phpldapadmin-project debian CWE-79	6.1