Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-30 CVE-2017-5612 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.
network
low complexity
wordpress debian CWE-79
6.1
6.1
2017-01-30 CVE-2017-5610 Information Exposure vulnerability in multiple products
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
network
low complexity
wordpress debian CWE-200
5.3
5.3
2017-01-27 CVE-2017-3318 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling).
local
high complexity
oracle debian redhat mariadb
4.0
4.0
2017-01-27 CVE-2017-3317 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging).
local
high complexity
oracle debian redhat mariadb
4.0
4.0
2017-01-27 CVE-2017-3313 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM).
local
high complexity
oracle debian canonical redhat mariadb
4.7
4.7
2017-01-27 CVE-2017-3312 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle debian mariadb
6.7
6.7
2017-01-27 CVE-2017-3291 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle mariadb debian redhat
6.3
6.3
2017-01-27 CVE-2017-3265 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle redhat debian mariadb
5.6
5.6
2017-01-27 CVE-2017-3258 Improper Input Validation vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian redhat CWE-20
6.5
6.5
2017-01-27 CVE-2017-3257 Improper Privilege Management vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle mariadb debian CWE-269
6.5
6.5