Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-08 CVE-2018-10380 Link Following vulnerability in multiple products
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
local
low complexity
kde debian opensuse CWE-59
7.2
2018-05-01 CVE-2017-18264 An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases.
network
low complexity
phpmyadmin debian
7.5
2018-05-01 CVE-2018-10583 Information Exposure vulnerability in multiple products
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
network
low complexity
libreoffice apache debian redhat canonical CWE-200
7.5
2018-04-29 CVE-2018-10537 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in WavPack 5.1.0 and earlier.
local
low complexity
wavpack debian CWE-119
7.8
2018-04-29 CVE-2018-10536 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in WavPack 5.1.0 and earlier.
local
low complexity
wavpack debian CWE-787
7.8
2018-04-26 CVE-2016-9602 Link Following vulnerability in multiple products
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS.
network
low complexity
qemu debian CWE-59
8.8
2018-04-24 CVE-2018-3836 OS Command Injection vulnerability in multiple products
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4.
local
low complexity
leptonica debian CWE-78
7.8
2018-04-24 CVE-2017-2885 Out-of-bounds Write vulnerability in multiple products
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58.
network
low complexity
gnome debian redhat CWE-787
7.5
2018-04-24 CVE-2017-14448 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2.
network
low complexity
libsdl debian CWE-787
8.8
2018-04-24 CVE-2017-14442 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2.
network
low complexity
libsdl debian CWE-119
8.8