Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-24 CVE-2018-10323 NULL Pointer Dereference vulnerability in multiple products
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
local
low complexity
linux canonical debian CWE-476
5.5
5.5
2018-04-24 CVE-2016-9601 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image.
local
low complexity
artifex debian CWE-119
5.5
5.5
2018-04-23 CVE-2018-1106 Improper Authentication vulnerability in multiple products
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. 		5.5
5.5
2018-04-22 CVE-2018-10289 Infinite Loop vulnerability in multiple products
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file.
local
low complexity
artifex debian CWE-835
5.5
5.5
2018-04-19 CVE-2018-2819 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb canonical debian redhat netapp
6.5
6.5
2018-04-19 CVE-2018-2818 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle canonical debian netapp
4.9
4.9
2018-04-19 CVE-2018-2817 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian redhat mariadb netapp
6.5
6.5
2018-04-19 CVE-2018-2815 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). 5.3
5.3
2018-04-19 CVE-2018-2813 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle debian canonical redhat netapp mariadb
4.3
4.3
2018-04-19 CVE-2018-2800 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). 4.2
4.2