Vulnerabilities > Debian > Debian Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-14 | CVE-2017-13020 | Out-of-bounds Read vulnerability in multiple products The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | 9.8 |
| 2017-09-14 | CVE-2017-13004 | Out-of-bounds Read vulnerability in multiple products The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header(). | 9.8 |
| 2017-09-14 | CVE-2017-12987 | Out-of-bounds Read vulnerability in multiple products The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). | 9.8 |
| 2017-09-14 | CVE-2017-12902 | Out-of-bounds Read vulnerability in multiple products The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. | 9.8 |
| 2017-09-14 | CVE-2017-12899 | Out-of-bounds Read vulnerability in multiple products The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). | 9.8 |
| 2017-09-14 | CVE-2017-12896 | Out-of-bounds Read vulnerability in multiple products The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | 9.8 |
| 2017-09-03 | CVE-2017-14122 | Out-of-bounds Read vulnerability in multiple products unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. | 9.1 |
| 2017-09-01 | CVE-2017-12873 | Session Fixation vulnerability in multiple products SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured. | 9.8 |
| 2017-08-31 | CVE-2017-0899 | Code Injection vulnerability in multiple products RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. | 9.8 |
| 2017-08-31 | CVE-2017-14064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. | 9.8 |