Vulnerabilities > Debian > Debian Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-31 | CVE-2014-5008 | Command Injection vulnerability in multiple products Snoopy allows remote attackers to execute arbitrary commands. | 9.8 |
| 2017-03-24 | CVE-2017-5511 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. | 9.8 |
| 2017-03-23 | CVE-2017-5897 | Out-of-bounds Read vulnerability in multiple products The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. | 9.8 |
| 2017-03-15 | CVE-2017-5522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests. | 9.8 |
| 2017-03-15 | CVE-2016-10195 | Out-of-bounds Read vulnerability in multiple products The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. | 9.8 |
| 2017-03-07 | CVE-2016-8863 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request. | 9.8 |
| 2017-02-27 | CVE-2017-5946 | Path Traversal vulnerability in multiple products The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. | 9.8 |
| 2017-02-22 | CVE-2016-1245 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. | 9.8 |
| 2017-02-09 | CVE-2016-2148 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. | 9.8 |
| 2017-02-06 | CVE-2016-7447 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | 9.8 |