Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-04 | CVE-2016-1000341 | 7PK - Time and State vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. | 4.3 |
| 2018-06-04 | CVE-2016-1000339 | Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. | 5.0 |
| 2018-05-31 | CVE-2016-10538 | Race Condition vulnerability in multiple products The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. | 4.9 |
| 2018-05-31 | CVE-2018-5388 | Out-of-bounds Write vulnerability in multiple products In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | 6.5 |
| 2018-05-30 | CVE-2018-10995 | Improper Input Validation vulnerability in multiple products SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). | 5.0 |
| 2018-05-30 | CVE-2018-11439 | Out-of-bounds Read vulnerability in multiple products The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | 4.3 |
| 2018-05-30 | CVE-2018-11235 | Path Traversal vulnerability in multiple products In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. | 6.8 |
| 2018-05-26 | CVE-2018-11504 | Out-of-bounds Read vulnerability in multiple products The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | 4.3 |
| 2018-05-26 | CVE-2018-11503 | Out-of-bounds Read vulnerability in multiple products The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | 4.3 |
| 2018-05-26 | CVE-2018-11496 | Use After Free vulnerability in multiple products In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. | 6.5 |