Vulnerabilities > Debian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-24 | CVE-2017-12184 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12183 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12182 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12181 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12180 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12179 | Integer Overflow or Wraparound vulnerability in multiple products xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12178 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12177 | Integer Overflow or Wraparound vulnerability in multiple products xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12176 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-16 | CVE-2018-5704 | Use of Externally-Controlled Format String vulnerability in multiple products Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. | 9.6 |