Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2017-12-27 CVE-2017-17864 Information Exposure vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
local
low complexity
linux debian CWE-200
3.3
2017-12-06 CVE-2017-17433 Missing Authorization vulnerability in multiple products
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.
network
high complexity
debian samba CWE-862
3.7
2017-12-03 CVE-2017-8822 Channel and Path Errors vulnerability in multiple products
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
network
high complexity
tor-project debian CWE-417
3.7
2017-10-27 CVE-2017-5081 Improper Input Validation vulnerability in multiple products
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
local
low complexity
google debian redhat CWE-20
3.3
2017-10-19 CVE-2017-10345 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
high complexity
oracle debian redhat netapp
3.1
2017-08-08 CVE-2017-10193 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian netapp redhat
3.1
2017-08-08 CVE-2017-3653 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian redhat mariadb
3.1
2017-04-24 CVE-2017-3533 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian
3.7
2017-04-24 CVE-2017-3539 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat debian
3.1
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7