Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-24 | CVE-2017-6301 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |
| 2017-02-24 | CVE-2017-6300 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |
| 2017-02-24 | CVE-2017-6299 | Infinite Loop vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 5.5 |
| 2017-02-24 | CVE-2017-6298 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. | 7.8 |
| 2017-02-22 | CVE-2016-1245 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. | 9.8 |
| 2017-02-22 | CVE-2017-6188 | Improper Input Validation vulnerability in multiple products Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. | 5.5 |
| 2017-02-22 | CVE-2016-9956 | Improper Access Control vulnerability in multiple products The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. | 7.5 |
| 2017-02-18 | CVE-2017-6074 | Double Free vulnerability in multiple products The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. | 7.8 |
| 2017-02-17 | CVE-2017-6056 | Infinite Loop vulnerability in multiple products It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. | 7.5 |
| 2017-02-17 | CVE-2017-6014 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. | 7.5 |