Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-3456 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.9 |
| 2017-04-24 | CVE-2017-3453 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 6.5 |
| 2017-04-24 | CVE-2017-3305 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). | 5.3 |
| 2017-04-20 | CVE-2017-7718 | Out-of-bounds Read vulnerability in multiple products hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions. | 5.5 |
| 2017-04-18 | CVE-2017-7943 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 6.5 |
| 2017-04-18 | CVE-2017-7941 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file. | 6.5 |
| 2017-04-13 | CVE-2015-8345 | Resource Management Errors vulnerability in multiple products The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | 6.5 |
| 2017-04-12 | CVE-2017-7700 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. | 6.5 |
| 2017-04-11 | CVE-2017-7697 | Out-of-bounds Read vulnerability in multiple products In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. | 5.5 |
| 2017-04-11 | CVE-2015-8613 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | 6.5 |