Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-11 | CVE-2016-5322 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 5.5 |
| 2017-04-10 | CVE-2017-7377 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | 6.0 |
| 2017-04-09 | CVE-2017-7613 | Improper Input Validation vulnerability in multiple products elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7612 | Out-of-bounds Read vulnerability in multiple products The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7611 | Out-of-bounds Read vulnerability in multiple products The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7610 | Out-of-bounds Read vulnerability in multiple products The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7608 | Out-of-bounds Read vulnerability in multiple products The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-03-27 | CVE-2017-5973 | Infinite Loop vulnerability in multiple products The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | 5.5 |
| 2017-03-23 | CVE-2016-9556 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. | 5.5 |
| 2017-03-20 | CVE-2017-6836 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |