Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-21 | CVE-2017-0918 | Path Traversal vulnerability in Gitlab Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | 6.5 |
| 2018-03-21 | CVE-2017-0917 | Improper Input Validation vulnerability in multiple products Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. | 4.3 |
| 2018-03-21 | CVE-2017-18241 | NULL Pointer Dereference vulnerability in Linux Kernel fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | 4.9 |
| 2018-03-18 | CVE-2018-8754 | Out-of-bounds Read vulnerability in multiple products The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. | 5.5 |
| 2018-03-16 | CVE-2018-1068 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. | 6.7 |
| 2018-03-15 | CVE-2017-18238 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 4.3 |
| 2018-03-15 | CVE-2017-18236 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 4.3 |
| 2018-03-15 | CVE-2017-18234 | Use After Free vulnerability in multiple products An issue was discovered in Exempi before 2.4.3. | 6.8 |
| 2018-03-15 | CVE-2017-18233 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 4.3 |
| 2018-03-14 | CVE-2018-1000122 | Out-of-bounds Read vulnerability in multiple products A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | 6.4 |