Vulnerabilities > Debian > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-08 | CVE-2018-14526 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in multiple products An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. | 3.3 |
| 2018-08-07 | CVE-2018-5953 | Information Exposure vulnerability in multiple products The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call. | 2.1 |
| 2018-07-31 | CVE-2018-14432 | Information Exposure vulnerability in multiple products In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. | 3.5 |
| 2018-07-28 | CVE-2018-0498 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. | 1.9 |
| 2018-07-27 | CVE-2017-2624 | Information Exposure vulnerability in multiple products It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. | 1.9 |
| 2018-07-27 | CVE-2017-7519 | Use of Externally-Controlled Format String vulnerability in multiple products In Ceph, a format string flaw was found in the way libradosstriper parses input from user. | 2.1 |
| 2018-07-26 | CVE-2018-0618 | Cross-site Scripting vulnerability in multiple products Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2018-07-18 | CVE-2018-2952 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). | 3.7 |
| 2018-07-18 | CVE-2018-2767 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). | 3.5 |
| 2018-07-16 | CVE-2014-2079 | Permissions, Privileges, and Access Controls vulnerability in multiple products X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. | 2.1 |