Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-06 | CVE-2018-7730 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
2018-03-06 | CVE-2018-7728 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
2018-03-05 | CVE-2018-7711 | Improper Verification of Cryptographic Signature vulnerability in multiple products HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. | 6.8 |
2018-03-05 | CVE-2017-18219 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. | 6.5 |
2018-03-05 | CVE-2018-0490 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. | 5.0 |
2018-03-05 | CVE-2018-1000115 | Resource Exhaustion vulnerability in multiple products Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). | 5.0 |
2018-03-02 | CVE-2017-15130 | A denial of service flaw was found in dovecot before 2.2.34. | 4.3 |
2018-03-02 | CVE-2017-14461 | Out-of-bounds Read vulnerability in multiple products A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. | 5.5 |
2018-03-01 | CVE-2017-6932 | Open Redirect vulnerability in multiple products Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. | 5.8 |
2018-03-01 | CVE-2017-6929 | Cross-site Scripting vulnerability in multiple products A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. | 4.3 |