Debian

Debian Linux

9212 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-14380

  • EPSS 0.29%
  • Published 30.07.2019 19:15:13
  • Last modified 21.11.2024 04:26:37

libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.

7.1

CVE-2019-14442

Exploit
  • EPSS 0.22%
  • Published 30.07.2019 13:15:18
  • Last modified 21.11.2024 04:26:45

In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.

6.5

CVE-2019-14443

Exploit
  • EPSS 0.51%
  • Published 30.07.2019 13:15:18
  • Last modified 21.11.2024 04:26:45

An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

7.5

CVE-2019-14439

  • EPSS 7.16%
  • Published 30.07.2019 11:15:11
  • Last modified 21.11.2024 04:26:44

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logbac...

9.8

CVE-2019-14271

  • EPSS 72.2%
  • Published 29.07.2019 18:15:11
  • Last modified 21.11.2024 04:26:20

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.

9.8

CVE-2019-14379

  • EPSS 1.46%
  • Published 29.07.2019 12:15:16
  • Last modified 21.11.2024 04:26:37

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

6.5

CVE-2019-14370

Exploit
  • EPSS 0.14%
  • Published 28.07.2019 19:15:11
  • Last modified 21.11.2024 04:26:36

In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.

6.5

CVE-2019-14369

Exploit
  • EPSS 0.19%
  • Published 28.07.2019 19:15:10
  • Last modified 21.11.2024 04:26:36

Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file.

4.9

CVE-2019-13057

  • EPSS 1.09%
  • Published 26.07.2019 13:15:12
  • Last modified 21.11.2024 04:24:07

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not pro...

7.5

CVE-2019-13565

  • EPSS 5.75%
  • Published 26.07.2019 13:15:12
  • Last modified 21.11.2024 04:25:11

An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simpl...