Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2017-05-23 CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. 8.8
2017-05-23 CVE-2016-5177 Use After Free vulnerability in multiple products
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
8.8
2017-05-22 CVE-2017-6891 Out-of-bounds Write vulnerability in multiple products
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g.
network
low complexity
gnu debian apache CWE-787
8.8
2017-05-22 CVE-2017-2520 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple debian CWE-787
7.5
2017-05-22 CVE-2017-2519 Multiple Security vulnerability in Apple iOS/WatchOS/tvOS/macOS
An issue was discovered in certain Apple products.
network
low complexity
apple debian
7.5
2017-05-22 CVE-2017-2518 Use After Free vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple debian CWE-416
7.5
2017-05-19 CVE-2017-9078 Double Free vulnerability in multiple products
The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.
8.5
2017-05-19 CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
local
low complexity
linux debian
7.8
2017-05-19 CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
local
low complexity
linux debian
7.8
2017-05-17 CVE-2017-8849 Improper Input Validation vulnerability in multiple products
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
local
low complexity
smb4k-project debian CWE-20
7.2