Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-24 CVE-2017-6305 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-787
7.8
7.8
2017-02-24 CVE-2017-6304 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-125
7.8
7.8
2017-02-24 CVE-2017-6303 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-190
7.8
7.8
2017-02-24 CVE-2017-6302 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-190
7.8
7.8
2017-02-24 CVE-2017-6301 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-125
7.8
7.8
2017-02-24 CVE-2017-6300 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-119
7.8
7.8
2017-02-24 CVE-2017-6298 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-476
7.8
7.8
2017-02-22 CVE-2016-1245 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages.
network
low complexity
quagga debian CWE-119
7.5
7.5
2017-02-22 CVE-2016-9956 Improper Access Control vulnerability in multiple products
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
network
low complexity
debian fedoraproject flightgear CWE-284
7.5
7.5
2017-02-18 CVE-2017-6074 Double Free vulnerability in multiple products
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
local
low complexity
linux debian CWE-415
7.8
7.8