Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-29 | CVE-2018-14734 | Use After Free vulnerability in multiple products drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | 7.8 |
2018-07-28 | CVE-2018-14682 | Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. | 8.8 |
2018-07-28 | CVE-2018-14681 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. | 8.8 |
2018-07-28 | CVE-2018-14678 | Improper Initialization vulnerability in multiple products An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. | 7.8 |
2018-07-27 | CVE-2016-9578 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. | 7.5 |
2018-07-27 | CVE-2016-9577 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. | 8.8 |
2018-07-27 | CVE-2018-1056 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. | 7.8 |
2018-07-27 | CVE-2017-2624 | Information Exposure vulnerability in multiple products It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. | 7.0 |
2018-07-27 | CVE-2017-15119 | Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. | 8.6 |
2018-07-27 | CVE-2017-2670 | Infinite Loop vulnerability in multiple products It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. | 7.5 |