Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2017-03-06 CVE-2017-6500 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-125
5.5
5.5
2017-03-06 CVE-2017-6499 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in Magick++ in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-772
5.5
5.5
2017-03-06 CVE-2017-6498 Improper Input Validation vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-20
5.5
5.5
2017-03-04 CVE-2017-6474 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-03-04 CVE-2017-6473 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2017-03-04 CVE-2017-6472 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-03-04 CVE-2017-6471 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2017-03-04 CVE-2017-6470 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-03-04 CVE-2017-6469 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2017-03-04 CVE-2017-6468 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
7.5