Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2018-19141

  • EPSS 0.27%
  • Veröffentlicht 11.11.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:24

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.

6.5

CVE-2018-19143

  • EPSS 0.13%
  • Veröffentlicht 11.11.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:25

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.

5.5

CVE-2018-19139

Exploit
  • EPSS 0.45%
  • Veröffentlicht 09.11.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:24

An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.

5.9

CVE-2018-19132

  • EPSS 11.35%
  • Veröffentlicht 09.11.2018 11:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:23

Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.

9.8

CVE-2018-19115

  • EPSS 6.2%
  • Veröffentlicht 08.11.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:21

keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimi...

6.5

CVE-2018-19107

  • EPSS 0.3%
  • Veröffentlicht 08.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:20

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

6.5

CVE-2018-19108

  • EPSS 0.41%
  • Veröffentlicht 08.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:20

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

6.5

CVE-2018-19058

Exploit
  • EPSS 0.28%
  • Veröffentlicht 07.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:14

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.

7.8

CVE-2018-16843

  • EPSS 55.54%
  • Veröffentlicht 07.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option...

7.8

CVE-2018-16844

  • EPSS 10.88%
  • Veröffentlicht 07.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the '...