Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-10-04 CVE-2019-17133 Classic Buffer Overflow vulnerability in multiple products
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
network
low complexity
linux debian canonical opensuse CWE-120
critical
 9.8
9.8
2019-10-01 CVE-2019-16943 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-01 CVE-2019-16942 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat netapp oracle CWE-502
critical
 9.8
9.8
2019-09-27 CVE-2019-16928 Out-of-bounds Write vulnerability in multiple products
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846.
network
low complexity
exim canonical debian fedoraproject CWE-787
critical
 9.8
9.8
2019-09-25 CVE-2019-15941 Incorrect Authorization vulnerability in multiple products
OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request.
network
low complexity
lemonldap-ng debian CWE-863
critical
 9.8
9.8
2019-09-24 CVE-2019-16746 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17.
network
low complexity
linux debian canonical fedoraproject opensuse CWE-120
critical
 9.8
9.8
2019-09-17 CVE-2019-16378 Authentication Bypass by Spoofing vulnerability in multiple products
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
network
low complexity
trusteddomain debian fedoraproject canonical CWE-290
critical
 9.8
9.8
2019-09-17 CVE-2019-16239 Classic Buffer Overflow vulnerability in multiple products
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
network
low complexity
infradead fedoraproject debian canonical opensuse CWE-120
critical
 9.8
9.8
2019-09-16 CVE-2019-5482 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
network
low complexity
haxx fedoraproject opensuse netapp oracle debian CWE-787
critical
 9.8
9.8
2019-09-16 CVE-2019-5481 Double Free vulnerability in multiple products
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
network
low complexity
haxx fedoraproject netapp oracle debian opensuse CWE-415
critical
 9.8
9.8