Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-3139 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian canonical hp
3.1
3.1
2018-10-10 CVE-2018-16738 Improper Authentication vulnerability in multiple products
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation.
network
high complexity
tinc-vpn debian starwindsoftware CWE-287
3.7
3.7
2018-09-25 CVE-2018-6053 Information Exposure vulnerability in multiple products
Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page.
local
low complexity
google redhat debian CWE-200
3.3
3.3
2018-07-18 CVE-2018-2767 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption).
network
high complexity
oracle debian canonical redhat mariadb netapp
3.1
3.1
2018-07-18 CVE-2018-2952 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency).
network
high complexity
oracle debian canonical hp redhat netapp
3.7
3.7
2018-07-18 CVE-2018-3066 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options).
network
high complexity
oracle netapp canonical debian mariadb redhat
3.3
3.3
2018-07-16 CVE-2018-0361 Improper Input Validation vulnerability in multiple products
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
local
low complexity
clamav debian CWE-20
3.3
3.3
2018-07-02 CVE-2018-13053 Integer Overflow or Wraparound vulnerability in multiple products
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
local
low complexity
linux canonical debian CWE-190
3.3
3.3
2018-06-04 CVE-2016-1000346 Key Management Errors vulnerability in multiple products
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated.
network
high complexity
bouncycastle debian CWE-320
3.7
3.7
2018-05-31 CVE-2016-10538 Race Condition vulnerability in multiple products
The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file.
network
low complexity
cli-project debian CWE-362
3.5
3.5