Vulnerabilities > Debian > Debian Linux
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-06-28 | CVE-2017-9988 | NULL Pointer Dereference vulnerability in multiple products | The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. | 6.5 |
2017-06-26 | CVE-2017-9936 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products | In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. | 6.5 |
2017-06-26 | CVE-2017-9935 | Out-of-bounds Read vulnerability in multiple products | In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. | 8.8 |
2017-06-26 | CVE-2017-9929 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file. | 5.5 |
2017-06-26 | CVE-2017-9928 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file. | 5.5 |
2017-06-25 | CVE-2017-9868 | Information Exposure vulnerability in multiple products | In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information. | 5.5 |
2017-06-25 | CVE-2017-9865 | Out-of-bounds Read vulnerability in multiple products | The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc. | 5.5 |
2017-06-22 | CVE-2017-9776 | Integer Overflow or Wraparound vulnerability in multiple products | Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
2017-06-22 | CVE-2017-9775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 6.5 |
2017-06-21 | CVE-2017-9780 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products | In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. | 7.8 |