Vulnerabilities > Debian > Debian Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-14 | CVE-2018-1000120 | Out-of-bounds Write vulnerability in multiple products A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. | 9.8 |
| 2018-03-14 | CVE-2018-1000132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. | 9.1 |
| 2018-03-13 | CVE-2018-7750 | Improper Authentication vulnerability in multiple products transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. | 9.8 |
| 2018-03-13 | CVE-2018-1000076 | Improper Verification of Cryptographic Signature vulnerability in multiple products RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in a mis-signed gem could be installed, as the tarball would contain multiple gem signatures.. | 9.8 |
| 2018-03-07 | CVE-2018-1000116 | Out-of-bounds Write vulnerability in multiple products NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution. | 9.8 |
| 2018-03-01 | CVE-2018-7584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. | 9.8 |
| 2018-02-28 | CVE-2018-7556 | Information Exposure vulnerability in multiple products LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file. | 9.1 |
| 2018-02-28 | CVE-2018-7554 | Use After Free vulnerability in multiple products There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. | 9.8 |
| 2018-02-28 | CVE-2018-7553 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. | 9.8 |
| 2018-02-28 | CVE-2018-7552 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. | 9.8 |