Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2017-03-15 CVE-2016-10155 Memory Leak vulnerability in multiple products
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
local
low complexity
qemu debian CWE-401
6.0
6.0
2017-03-15 CVE-2017-6060 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc.
local
low complexity
artifex debian CWE-787
7.8
7.8
2017-03-15 CVE-2017-5938 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
network
low complexity
debian opensuse-project opensuse viewvc CWE-79
6.1
6.1
2017-03-12 CVE-2017-6817 Cross-site Scripting vulnerability in multiple products
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
network
low complexity
wordpress debian CWE-79
5.4
5.4
2017-03-12 CVE-2017-6816 Incorrect Authorization vulnerability in multiple products
In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.
network
low complexity
wordpress debian CWE-863
4.9
4.9
2017-03-12 CVE-2017-6815 Improper Input Validation vulnerability in multiple products
In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation.
network
low complexity
wordpress debian CWE-20
6.1
6.1
2017-03-12 CVE-2017-6814 Cross-site Scripting vulnerability in multiple products
In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata.
network
low complexity
wordpress debian CWE-79
5.4
5.4
2017-03-10 CVE-2017-6802 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
7.5
2017-03-10 CVE-2017-6801 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
7.5
2017-03-10 CVE-2017-6800 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.2.
network
low complexity
ytnef-project debian CWE-125
7.5
7.5