Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-06 CVE-2017-6498 Improper Input Validation vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-20
5.5
5.5
2017-03-01 CVE-2016-9830 Improper Input Validation vulnerability in multiple products
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
local
low complexity
graphicsmagick debian opensuse CWE-20
5.5
5.5
2017-03-01 CVE-2017-5976 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5975 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5974 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-119
5.5
5.5
2017-03-01 CVE-2016-9559 NULL Pointer Dereference vulnerability in multiple products
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
network
low complexity
imagemagick debian CWE-476
6.5
6.5
2017-02-24 CVE-2017-6299 Infinite Loop vulnerability in multiple products
An issue was discovered in ytnef before 1.9.1.
local
low complexity
ytnef-project debian CWE-835
5.5
5.5
2017-02-22 CVE-2017-6188 Improper Input Validation vulnerability in multiple products
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled.
local
low complexity
munin-monitoring debian CWE-20
5.5
5.5
2017-02-17 CVE-2016-9955 Improper Input Validation vulnerability in multiple products
The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.
local
high complexity
simplesamlphp debian CWE-20
6.3
6.3
2017-02-16 CVE-2017-6011 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in icoutils 0.31.1.
local
low complexity
icoutils-project debian redhat CWE-125
5.5
5.5