Vulnerabilities > Debian > Debian Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-19 | CVE-2018-2755 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). | 3.7 |
| 2018-04-16 | CVE-2018-10124 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. | 2.1 |
| 2018-04-13 | CVE-2017-0365 | Cross-site Scripting vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations. | 2.6 |
| 2018-04-13 | CVE-2017-0361 | Information Exposure vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext. | 2.1 |
| 2018-04-13 | CVE-2018-10087 | Improper Input Validation vulnerability in Linux Kernel The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. | 2.1 |
| 2018-04-12 | CVE-2018-10061 | Cross-site Scripting vulnerability in multiple products Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used). | 3.5 |
| 2018-04-12 | CVE-2018-10060 | Cross-site Scripting vulnerability in multiple products Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php. | 3.5 |
| 2018-04-04 | CVE-2017-13305 | Out-of-bounds Read vulnerability in multiple products A information disclosure vulnerability in the Upstream kernel encrypted-keys. | 3.6 |
| 2018-04-04 | CVE-2018-9251 | Infinite Loop vulnerability in multiple products The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | 2.6 |
| 2018-03-13 | CVE-2018-1050 | NULL Pointer Dereference vulnerability in multiple products All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. | 3.3 |