Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-17 | CVE-2017-13084 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 5.4 |
| 2017-10-17 | CVE-2017-13082 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 5.8 |
| 2017-10-17 | CVE-2017-13077 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 5.4 |
| 2017-10-16 | CVE-2016-8734 | Resource Exhaustion vulnerability in multiple products Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. | 6.5 |
| 2017-10-16 | CVE-2017-15372 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-16 | CVE-2017-15371 | Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-16 | CVE-2017-15370 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. | 4.3 |
| 2017-10-11 | CVE-2017-2888 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. | 6.8 |
| 2017-10-11 | CVE-2017-2887 | Out-of-bounds Write vulnerability in multiple products An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. | 6.8 |
| 2017-10-10 | CVE-2017-13723 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. | 4.6 |