Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-16 | CVE-2017-5617 | Server-Side Request Forgery (SSRF) vulnerability in multiple products The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file. | 7.4 |
| 2017-03-15 | CVE-2017-5522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests. | 7.5 |
| 2017-03-15 | CVE-2016-10195 | Out-of-bounds Read vulnerability in multiple products The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. | 7.5 |
| 2017-03-10 | CVE-2017-6802 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6801 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6800 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2016-8714 | Classic Buffer Overflow vulnerability in multiple products An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. | 8.8 |
| 2017-03-10 | CVE-2017-6313 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. | 7.1 |
| 2017-03-07 | CVE-2017-2636 | Double Free vulnerability in multiple products Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. | 7.0 |
| 2017-03-07 | CVE-2016-8863 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request. | 7.5 |