Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-19 | CVE-2018-2782 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2781 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2771 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). | 4.4 |
2018-04-19 | CVE-2018-2766 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 6.8 |
2018-04-19 | CVE-2018-2761 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). | 4.3 |
2018-04-18 | CVE-2018-1000164 | CRLF Injection vulnerability in multiple products gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. | 5.0 |
2018-04-17 | CVE-2018-6798 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Perl 5.22 through 5.26. | 5.0 |
2018-04-16 | CVE-2018-10102 | Cross-site Scripting vulnerability in Wordpress Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag. | 4.3 |
2018-04-16 | CVE-2018-10101 | Open Redirect vulnerability in Wordpress Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server. | 5.8 |
2018-04-16 | CVE-2018-10100 | Open Redirect vulnerability in Wordpress Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. | 5.8 |