Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-11-07 CVE-2007-6745 clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
network
low complexity
clamav debian
critical
 9.8
9.8
2019-11-06 CVE-2007-0899 Out-of-bounds Write vulnerability in multiple products
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
network
low complexity
clamav debian CWE-787
critical
 9.8
9.8
2019-11-01 CVE-2013-2739 Out-of-bounds Write vulnerability in multiple products
MiniDLNA has heap-based buffer overflow
network
low complexity
readymedia-project debian CWE-787
critical
 9.8
9.8
2019-10-31 CVE-2013-1910 Improper Input Validation vulnerability in multiple products
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.
network
low complexity
baseurl debian CWE-20
critical
 9.8
9.8
2019-10-31 CVE-2009-5043 Improper Handling of Exceptional Conditions vulnerability in multiple products
burn allows file names to escape via mishandled quotation marks
network
low complexity
burn-project debian CWE-755
critical
 9.8
9.8
2019-10-31 CVE-2009-5042 Exposure of Resource to Wrong Sphere vulnerability in multiple products
python-docutils allows insecure usage of temporary files
network
low complexity
python-docutils-project debian CWE-668
critical
 9.1
9.1
2019-10-31 CVE-2019-18425 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors.
network
low complexity
xen debian fedoraproject opensuse CWE-269
critical
 9.8
9.8
2019-10-30 CVE-2010-0748 Improper Input Validation vulnerability in multiple products
Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
network
low complexity
transmissionbt debian CWE-20
critical
 9.8
9.8
2019-10-28 CVE-2019-11043 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
network
low complexity
php canonical debian fedoraproject tenable redhat CWE-787
critical
 9.8
9.8
2019-10-17 CVE-2019-17670 Server-Side Request Forgery (SSRF) vulnerability in multiple products
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
network
low complexity
wordpress debian CWE-918
critical
 9.8
9.8