Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-22 | CVE-2017-11521 | Resource Exhaustion vulnerability in multiple products The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections. | 7.5 |
2017-07-21 | CVE-2015-5300 | 7PK - Time and State vulnerability in multiple products The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). | 7.5 |
2017-07-21 | CVE-2015-5219 | Incorrect Type Conversion or Cast vulnerability in multiple products The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | 7.5 |
2017-07-21 | CVE-2015-5195 | Improper Input Validation vulnerability in multiple products ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. | 7.5 |
2017-07-21 | CVE-2015-5194 | Improper Input Validation vulnerability in multiple products The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. | 7.5 |
2017-07-19 | CVE-2017-11450 | coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 8.8 |
2017-07-18 | CVE-2017-11409 | Excessive Iteration vulnerability in multiple products In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. | 7.5 |
2017-07-18 | CVE-2017-11407 | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. | 7.5 |
2017-07-18 | CVE-2017-11406 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. | 7.5 |
2017-07-17 | CVE-2017-10978 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. | 7.5 |