Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-1000363 | Out-of-bounds Write vulnerability in multiple products Linux drivers/char/lp.c Out-of-Bounds Write. | 7.8 |
| 2017-07-11 | CVE-2017-11176 | Use After Free vulnerability in multiple products The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. | 7.8 |
| 2017-07-10 | CVE-2017-11139 | Double Free vulnerability in multiple products GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | 7.5 |
| 2017-07-04 | CVE-2017-10810 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. | 7.5 |
| 2017-06-29 | CVE-2017-10672 | Use After Free vulnerability in multiple products Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call. | 7.5 |
| 2017-06-21 | CVE-2017-9780 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. | 7.2 |
| 2017-06-21 | CVE-2017-9766 | Uncontrolled Recursion vulnerability in multiple products In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c. | 7.5 |
| 2017-06-20 | CVE-2017-7668 | Out-of-bounds Read vulnerability in multiple products The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. | 7.5 |
| 2017-06-19 | CVE-2017-1000376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. | 7.0 |
| 2017-06-19 | CVE-2017-1000366 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. | 7.2 |