Vulnerabilities > Debian > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-25 | CVE-2015-5211 | Files or Directories Accessible to External Parties vulnerability in multiple products Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. | 9.6 |
2017-05-23 | CVE-2017-9214 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. | 9.8 |
2017-05-23 | CVE-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 9.8 |
2017-05-23 | CVE-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 9.8 |
2017-05-23 | CVE-2016-5178 | Improper Input Validation vulnerability in multiple products Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | 9.8 |
2017-05-22 | CVE-2017-2520 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2519 | An issue was discovered in certain Apple products. | 9.8 |
2017-05-22 | CVE-2017-2518 | Use After Free vulnerability in multiple products An issue was discovered in certain Apple products. | 9.8 |
2017-05-02 | CVE-2016-10243 | Improper Input Validation vulnerability in multiple products TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file. | 9.8 |
2017-04-28 | CVE-2017-7895 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. | 9.8 |