Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-18 | CVE-2017-7943 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 6.5 |
| 2017-04-18 | CVE-2017-7941 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 6.5 |
| 2017-04-13 | CVE-2015-8345 | Resource Management Errors vulnerability in multiple products The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 6.5 |
| 2017-04-12 | CVE-2017-7700 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. | 6.5 |
| 2017-04-11 | CVE-2017-7697 | Out-of-bounds Read vulnerability in multiple products In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. | 5.5 |
| 2017-04-11 | CVE-2015-8613 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 6.5 |
| 2017-04-11 | CVE-2015-8568 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | 6.5 |
| 2017-04-11 | CVE-2015-8504 | Divide By Zero vulnerability in multiple products Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | 6.5 |
| 2017-04-11 | CVE-2016-5322 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 5.5 |
| 2017-04-10 | CVE-2017-7377 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | 6.0 |