Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-27 | CVE-2017-2616 | A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. | Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Util\-Linux | 4.7 | ||
| 2018-01-25 | CVE-2017-15132 | A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion. | Ubuntu_linux, Debian_linux, Dovecot | 7.5 | ||
| 2018-07-27 | CVE-2017-15120 | An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service. | Debian_linux, Recursor | 7.5 | ||
| 2018-01-23 | CVE-2017-15105 | A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof. | Ubuntu_linux, Debian_linux, Unbound | 5.3 | ||
| 2018-01-18 | CVE-2017-12197 | It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. | Debian_linux, Libpam4j, Enterprise_linux | 6.5 | ||
| 2018-01-24 | CVE-2017-12187 | xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
| 2018-01-24 | CVE-2017-12186 | xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
| 2018-01-24 | CVE-2017-12185 | xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
| 2018-01-24 | CVE-2017-12184 | xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 | ||
| 2018-01-24 | CVE-2017-12183 | xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | Debian_linux, Xorg\-Server | 9.8 |