Vulnerabilities > Debian > Debian Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2017-8924 | Integer Underflow (Wrap or Wraparound) vulnerability in Linux Kernel The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow. | 2.1 |
| 2017-04-24 | CVE-2017-3539 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 2.1 |
| 2017-04-13 | CVE-2015-8345 | Resource Management Errors vulnerability in multiple products The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 2.1 |
| 2017-04-11 | CVE-2015-8613 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 1.9 |
| 2017-03-12 | CVE-2017-6817 | Cross-site Scripting vulnerability in Wordpress In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds. | 3.5 |
| 2017-03-12 | CVE-2017-6814 | Cross-site Scripting vulnerability in Wordpress In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. | 3.5 |
| 2017-02-22 | CVE-2017-6188 | Improper Input Validation vulnerability in multiple products Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. | 1.9 |
| 2017-02-01 | CVE-2016-9963 | Key Management Errors vulnerability in multiple products Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | 2.6 |
| 2017-01-27 | CVE-2017-3312 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). | 3.5 |
| 2017-01-27 | CVE-2017-3291 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). | 3.5 |