Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-01-24 | CVE-2017-12177 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
2018-01-24 | CVE-2017-12176 | xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
2017-09-21 | CVE-2017-12153 | A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. | Ubuntu_linux, Debian_linux, Linux_kernel | 4.4 | ||
2018-07-27 | CVE-2017-12151 | A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. | Debian_linux, Cifs_server, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Samba | 7.4 | ||
2018-03-21 | CVE-2017-0926 | Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login. | Debian_linux, Gitlab | 8.8 | ||
2018-03-21 | CVE-2017-0925 | Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password. | Debian_linux, Gitlab | 7.2 | ||
2018-03-21 | CVE-2017-0918 | Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | Debian_linux, Gitlab | 8.8 | ||
2018-03-21 | CVE-2017-0917 | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. | Debian_linux, Gitlab | 6.1 | ||
2018-03-21 | CVE-2017-0916 | Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution. | Debian_linux, Gitlab | 9.8 | ||
2018-03-21 | CVE-2017-0915 | Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. | Debian_linux, Gitlab | 9.8 |