Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2017-02-01 CVE-2016-9963 Key Management Errors vulnerability in multiple products
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
network
high complexity
exim canonical debian CWE-320
2.6
2.6
2017-01-27 CVE-2017-3312 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle debian mariadb
3.5
3.5
2017-01-27 CVE-2017-3291 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle mariadb debian redhat
3.5
3.5
2017-01-23 CVE-2016-9401 Use After Free vulnerability in multiple products
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
local
low complexity
gnu debian redhat CWE-416
2.1
2.1
2017-01-06 CVE-2016-2367 Information Exposure vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin. 		3.5
3.5
2016-12-29 CVE-2016-9776 Infinite Loop vulnerability in multiple products
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue.
local
low complexity
qemu debian CWE-835
2.1
2.1
2016-12-29 CVE-2016-2198 NULL Pointer Dereference vulnerability in multiple products
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw.
local
low complexity
qemu debian CWE-476
2.1
2.1
2016-12-29 CVE-2016-1922 NULL Pointer Dereference vulnerability in multiple products
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw.
local
low complexity
qemu debian CWE-476
2.1
2.1
2016-12-29 CVE-2015-8743 Out-of-bounds Read vulnerability in multiple products
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue.
local
low complexity
qemu debian CWE-125
3.6
3.6
2016-12-09 CVE-2016-9104 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
local
low complexity
qemu debian opensuse CWE-190
2.1
2.1