Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-04 | CVE-2018-0503 | Improper Privilege Management vulnerability in multiple products Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'. | 4.0 |
| 2018-10-04 | CVE-2018-11784 | Open Redirect vulnerability in multiple products When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 4.3 |
| 2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
| 2018-10-03 | CVE-2018-17540 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | 7.5 |
| 2018-10-01 | CVE-2015-9268 | Improper Input Validation vulnerability in multiple products Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. | 9.3 |
| 2018-10-01 | CVE-2015-9267 | Improper Privilege Management vulnerability in multiple products Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. | 3.6 |
| 2018-09-28 | CVE-2018-14648 | Resource Exhaustion vulnerability in multiple products A flaw was found in 389 Directory Server. | 7.8 |
| 2018-09-28 | CVE-2018-17581 | Resource Exhaustion vulnerability in multiple products CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. | 6.5 |
| 2018-09-28 | CVE-2018-16587 | Improper Input Validation vulnerability in multiple products In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. | 5.8 |
| 2018-09-28 | CVE-2018-16586 | In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. | 4.3 |