Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-29 CVE-2018-10536 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in WavPack 5.1.0 and earlier.
local
low complexity
wavpack debian CWE-787
7.8
7.8
2018-04-26 CVE-2016-9602 Link Following vulnerability in multiple products
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS.
network
low complexity
qemu debian CWE-59
8.8
8.8
2018-04-26 CVE-2018-10393 Out-of-bounds Read vulnerability in multiple products
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
network
low complexity
xiph-org debian redhat CWE-125
7.5
7.5
2018-04-26 CVE-2018-10392 Out-of-bounds Write vulnerability in multiple products
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
network
low complexity
xiph-org debian redhat CWE-787
8.8
8.8
2018-04-25 CVE-2017-7652 In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk.
network
high complexity
eclipse debian
7.5
7.5
2018-04-24 CVE-2018-3836 OS Command Injection vulnerability in multiple products
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4.
local
low complexity
leptonica debian CWE-78
7.8
7.8
2018-04-24 CVE-2017-2924 Out-of-bounds Write vulnerability in multiple products
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3.
network
low complexity
freexl-project debian CWE-787
8.8
8.8
2018-04-24 CVE-2017-2923 Out-of-bounds Write vulnerability in multiple products
An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3.
network
low complexity
freexl-project debian CWE-787
8.8
8.8
2018-04-24 CVE-2017-2918 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c.
local
low complexity
blender debian CWE-190
7.8
7.8
2018-04-24 CVE-2017-2908 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c.
local
low complexity
blender debian CWE-190
7.8
7.8