Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-06 | CVE-2018-5208 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | 7.5 |
| 2018-01-06 | CVE-2018-5206 | NULL Pointer Dereference vulnerability in multiple products When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | 7.5 |
| 2018-01-03 | CVE-2017-1000476 | Resource Exhaustion vulnerability in multiple products ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. | 7.1 |
| 2018-01-03 | CVE-2017-1000501 | Path Traversal vulnerability in multiple products Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | 7.5 |
| 2017-12-30 | CVE-2017-17997 | NULL Pointer Dereference vulnerability in multiple products In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. | 7.5 |
| 2017-12-29 | CVE-2014-4914 | SQL Injection vulnerability in multiple products The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. | 7.5 |
| 2017-12-27 | CVE-2017-17935 | Out-of-bounds Read vulnerability in multiple products The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line. | 7.5 |
| 2017-12-27 | CVE-2017-17914 | Excessive Iteration vulnerability in multiple products In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. | 7.1 |
| 2017-12-27 | CVE-2017-17863 | Integer Overflow or Wraparound vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact. | 7.2 |
| 2017-12-27 | CVE-2017-17857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations. | 7.8 |