Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-10 | CVE-2017-6800 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
2017-03-10 | CVE-2016-8714 | Classic Buffer Overflow vulnerability in multiple products An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. | 8.8 |
2017-03-10 | CVE-2017-6313 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. | 7.1 |
2017-03-07 | CVE-2017-2636 | Double Free vulnerability in multiple products Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. | 7.0 |
2017-03-07 | CVE-2016-8863 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request. | 7.5 |
2017-03-04 | CVE-2017-6474 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. | 7.5 |
2017-03-04 | CVE-2017-6473 | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. | 7.5 |
2017-03-04 | CVE-2017-6472 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-03-04 | CVE-2017-6471 | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-03-04 | CVE-2017-6470 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |