Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-11 | CVE-2015-8568 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | 6.5 |
| 2017-04-11 | CVE-2015-8504 | Divide By Zero vulnerability in multiple products Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | 6.5 |
| 2017-04-11 | CVE-2016-5322 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 5.5 |
| 2017-04-10 | CVE-2017-7377 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid. | 6.0 |
| 2017-04-09 | CVE-2017-7613 | Improper Input Validation vulnerability in multiple products elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7612 | Out-of-bounds Read vulnerability in multiple products The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7611 | Out-of-bounds Read vulnerability in multiple products The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7610 | Out-of-bounds Read vulnerability in multiple products The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7608 | Out-of-bounds Read vulnerability in multiple products The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-03-27 | CVE-2017-5973 | Infinite Loop vulnerability in multiple products The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. | 5.5 |