Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-25 CVE-2018-8976 Out-of-bounds Read vulnerability in multiple products
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.
network
low complexity
exiv2 debian redhat CWE-125
6.5
6.5
2018-03-21 CVE-2017-0917 Improper Input Validation vulnerability in multiple products
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.
network
low complexity
gitlab debian CWE-20
6.1
6.1
2018-03-21 CVE-2017-18241 NULL Pointer Dereference vulnerability in multiple products
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
local
low complexity
linux debian canonical CWE-476
5.5
5.5
2018-03-18 CVE-2018-8754 Out-of-bounds Read vulnerability in multiple products
The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size.
local
low complexity
libevt-project debian CWE-125
5.5
5.5
2018-03-16 CVE-2018-1068 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging.
local
low complexity
linux canonical debian redhat CWE-787
6.7
6.7
2018-03-15 CVE-2017-18238 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian CWE-835
5.5
5.5
2018-03-15 CVE-2017-18236 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-15 CVE-2017-18233 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-14 CVE-2017-18231 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GraphicsMagick 1.3.26.
network
low complexity
graphicsmagick debian CWE-476
6.5
6.5
2018-03-14 CVE-2017-18230 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GraphicsMagick 1.3.26.
network
low complexity
graphicsmagick debian CWE-476
6.5
6.5