Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-14234 SQL Injection vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject fedoraproject debian CWE-89
critical
 9.8
9.8
2019-07-31 CVE-2019-14463 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5.
network
low complexity
libmodbus fedoraproject debian CWE-125
critical
 9.1
9.1
2019-07-31 CVE-2019-14462 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5.
network
low complexity
libmodbus fedoraproject debian CWE-125
critical
 9.1
9.1
2019-07-29 CVE-2019-14271 Improper Initialization vulnerability in multiple products
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
network
low complexity
docker debian opensuse CWE-665
critical
 9.8
9.8
2019-07-29 CVE-2019-14379 SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml debian netapp fedoraproject redhat oracle apple
critical
 9.8
9.8
2019-07-25 CVE-2019-13917 Data Processing Errors vulnerability in multiple products
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
network
low complexity
exim debian CWE-19
critical
 9.8
9.8
2019-07-25 CVE-2019-1010174 Command Injection vulnerability in multiple products
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection.
network
low complexity
cimg debian CWE-77
critical
 9.8
9.8
2019-07-23 CVE-2019-11709 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7.
network
low complexity
mozilla opensuse suse debian CWE-787
critical
 9.8
9.8
2019-07-19 CVE-2019-12815 Improper Handling of Exceptional Conditions vulnerability in multiple products
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
network
low complexity
proftpd fedoraproject debian siemens CWE-755
critical
 9.8
9.8
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8