Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-30 | CVE-2017-14926 | NULL Pointer Dereference vulnerability in multiple products In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. | 4.3 |
| 2017-09-29 | CVE-2017-14864 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14859 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-25 | CVE-2017-14733 | Out-of-bounds Read vulnerability in multiple products ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | 6.5 |
| 2017-09-21 | CVE-2017-12153 | NULL Pointer Dereference vulnerability in Linux Kernel A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. | 4.9 |
| 2017-09-21 | CVE-2017-14160 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. | 6.8 |
| 2017-09-21 | CVE-2017-14246 | Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 5.8 |
| 2017-09-21 | CVE-2017-14245 | Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 5.8 |
| 2017-09-21 | CVE-2017-14634 | Divide By Zero vulnerability in multiple products In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | 4.3 |