Debian

Debian Linux

9213 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-5765

  • EPSS 0.13%
  • Published 19.02.2019 17:29:00
  • Last modified 21.11.2024 04:45:26

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.

8.8

CVE-2019-8907

Exploit
  • EPSS 0.9%
  • Published 18.02.2019 17:29:01
  • Last modified 21.11.2024 04:50:38

do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.

4.4

CVE-2019-8905

Exploit
  • EPSS 0.1%
  • Published 18.02.2019 17:29:00
  • Last modified 21.11.2024 04:50:38

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

6.1

CVE-2016-10742

Exploit
  • EPSS 0.42%
  • Published 17.02.2019 16:29:00
  • Last modified 21.11.2024 02:44:38

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

7.8

CVE-2019-8379

Exploit
  • EPSS 0.27%
  • Published 17.02.2019 02:29:00
  • Last modified 21.11.2024 04:49:47

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Servic...

7.8

CVE-2019-8383

Exploit
  • EPSS 0.27%
  • Published 17.02.2019 02:29:00
  • Last modified 21.11.2024 04:49:48

An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segme...

5

CVE-2019-8354

  • EPSS 0.5%
  • Published 15.02.2019 23:29:00
  • Last modified 21.11.2024 04:49:44

An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.

8.1

CVE-2019-6974

Exploit
  • EPSS 7.22%
  • Published 15.02.2019 15:29:00
  • Last modified 21.11.2024 04:47:20

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

8.2

CVE-2019-8308

  • EPSS 0.07%
  • Published 12.02.2019 23:29:00
  • Last modified 21.11.2024 04:49:39

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

6.5

CVE-2018-15587

Exploit
  • EPSS 1.2%
  • Published 11.02.2019 17:29:00
  • Last modified 21.11.2024 03:51:07

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.