Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2017-2834 | Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. | 6.8 |
| 2018-04-24 | CVE-2017-14450 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. | 5.8 |
| 2018-04-24 | CVE-2017-14449 | Double Free vulnerability in multiple products A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. | 6.8 |
| 2018-04-24 | CVE-2017-7651 | Resource Exhaustion vulnerability in multiple products In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. | 5.0 |
| 2018-04-24 | CVE-2018-10323 | NULL Pointer Dereference vulnerability in multiple products The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. | 4.9 |
| 2018-04-24 | CVE-2016-9601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. | 5.5 |
| 2018-04-22 | CVE-2018-10289 | Infinite Loop vulnerability in multiple products In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. | 4.3 |
| 2018-04-20 | CVE-2017-2825 | Man in the Middle Security Bypass vulnerability in Zabbix Proxy Server In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. | 6.8 |
| 2018-04-19 | CVE-2018-2819 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
| 2018-04-19 | CVE-2018-2818 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). | 4.0 |