Vulnerabilities > Debian > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-27	CVE-2018-10472	Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. local xen debian CWE-200	1.9
2018-04-23	CVE-2018-1106	Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. local low complexity packagekit-project redhat canonical debian CWE-287	2.1
2018-04-19	CVE-2018-2790	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp schneider-electric	3.1
2018-04-19	CVE-2018-2773	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). local oracle debian canonical	1.9
2018-04-19	CVE-2018-2755	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian canonical mariadb netapp redhat	3.7
2018-04-16	CVE-2018-10124	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. local low complexity linux debian canonical CWE-119	2.1
2018-04-13	CVE-2017-0365	Cross-site Scripting vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations. network high complexity mediawiki debian CWE-79	2.6
2018-04-13	CVE-2017-0361	Information Exposure vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext. local low complexity mediawiki debian CWE-200	2.1
2018-04-13	CVE-2018-10087	Improper Input Validation vulnerability in Linux Kernel The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. local low complexity linux debian canonical CWE-20	2.1
2018-04-12	CVE-2018-10061	Cross-site Scripting vulnerability in multiple products Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used). network cacti debian CWE-79	3.5