Vulnerabilities > Debian > Debian Linux > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-02	CVE-2018-13053	Integer Overflow or Wraparound vulnerability in Linux Kernel The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. local low complexity linux canonical debian CWE-190	2.1
2018-06-20	CVE-2018-1120	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel A flaw was found affecting the Linux kernel before version 4.17. network linux redhat debian canonical CWE-119	3.5
2018-06-11	CVE-2016-5293	Improper Input Validation vulnerability in multiple products When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. local low complexity mozilla microsoft debian CWE-20	2.1
2018-06-05	CVE-2017-7653	Improper Input Validation vulnerability in multiple products The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. network eclipse debian CWE-20	3.5
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	2.1
2018-04-29	CVE-2018-10545	Information Exposure vulnerability in PHP An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. local php canonical debian netapp CWE-200	1.9
2018-04-27	CVE-2018-10472	Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. local xen debian CWE-200	1.9
2018-04-23	CVE-2018-1106	Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. local low complexity packagekit-project redhat canonical debian CWE-287	2.1
2018-04-19	CVE-2018-2790	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp schneider-electric	3.1
2018-04-19	CVE-2018-2773	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). local oracle debian canonical	1.9