Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-14 | CVE-2018-1000121 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service | 5.0 |
| 2018-03-14 | CVE-2018-1000132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. | 6.4 |
| 2018-03-14 | CVE-2017-18231 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. | 4.3 |
| 2018-03-14 | CVE-2017-18230 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. | 4.3 |
| 2018-03-14 | CVE-2017-18229 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. | 4.3 |
| 2018-03-14 | CVE-2018-8099 | Double Free vulnerability in multiple products Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file. | 4.3 |
| 2018-03-14 | CVE-2018-8098 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file. | 4.3 |
| 2018-03-13 | CVE-2018-1000127 | Improper Locking vulnerability in multiple products memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. | 5.0 |
| 2018-03-13 | CVE-2018-1057 | Incorrect Authorization vulnerability in multiple products On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers). | 6.5 |
| 2018-03-13 | CVE-2018-1000085 | Out-of-bounds Read vulnerability in multiple products ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. | 4.3 |