Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2017-3258 | Improper Input Validation vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 4.0 |
| 2017-01-27 | CVE-2017-3257 | Improper Privilege Management vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). | 4.0 |
| 2017-01-27 | CVE-2017-3244 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.0 |
| 2017-01-27 | CVE-2017-3243 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). | 4.4 |
| 2017-01-27 | CVE-2017-3238 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
| 2017-01-27 | CVE-2016-9453 | Out-of-bounds Write vulnerability in multiple products The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. | 6.8 |
| 2017-01-27 | CVE-2016-10002 | Information Exposure vulnerability in multiple products Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. | 5.0 |
| 2017-01-24 | CVE-2016-10159 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. | 5.0 |
| 2017-01-23 | CVE-2015-8971 | Command Injection vulnerability in multiple products Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063. | 4.6 |
| 2017-01-18 | CVE-2016-7799 | Out-of-bounds Read vulnerability in multiple products MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | 4.3 |