Vulnerabilities > Debian > Debian Linux > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-06 | CVE-2017-17433 | Missing Authorization vulnerability in multiple products The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions. | 3.7 |
2017-12-03 | CVE-2017-8822 | Channel and Path Errors vulnerability in multiple products In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012. | 3.7 |
2017-10-27 | CVE-2017-5081 | Improper Input Validation vulnerability in multiple products Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. | 3.3 |
2017-10-19 | CVE-2017-10345 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 3.1 |
2017-08-08 | CVE-2017-10193 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 3.1 |
2017-08-08 | CVE-2017-3653 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 3.1 |
2017-04-24 | CVE-2017-3533 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). | 3.7 |
2017-04-24 | CVE-2017-3539 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 3.1 |
2017-04-24 | CVE-2017-3544 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). | 3.7 |
2017-01-06 | CVE-2016-2380 | Out-of-bounds Read vulnerability in multiple products An information leak exists in the handling of the MXIT protocol in Pidgin. | 3.1 |