Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-08-24 CVE-2018-14600 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in libX11 through 1.6.5.
network
low complexity
x-org debian canonical CWE-787
critical
 9.8
9.8
2018-08-24 CVE-2018-14599 Off-by-one Error vulnerability in multiple products
An issue was discovered in libX11 through 1.6.5.
network
low complexity
x-org debian canonical fedoraproject redhat CWE-193
critical
 9.8
9.8
2018-08-18 CVE-2018-15494 Improper Encoding or Escaping of Output vulnerability in multiple products
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
network
low complexity
dojotoolkit debian CWE-116
critical
 9.8
9.8
2018-08-01 CVE-2015-9262 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
network
low complexity
debian canonical x redhat CWE-119
critical
 9.8
9.8
2018-07-31 CVE-2018-14767 Improper Input Validation vulnerability in multiple products
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash.
network
low complexity
debian kamailio CWE-20
critical
 9.8
9.8
2018-07-27 CVE-2016-9603 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest.
network
low complexity
qemu redhat citrix debian CWE-119
critical
 9.9
9.9
2018-07-27 CVE-2017-2620 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
 9.9
9.9
2018-07-27 CVE-2017-2640 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content.
network
low complexity
pidgin redhat debian CWE-787
critical
 9.8
9.8
2018-07-23 CVE-2018-1999010 Out-of-bounds Read vulnerability in multiple products
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data.
network
low complexity
ffmpeg debian CWE-125
critical
 9.8
9.8
2018-07-19 CVE-2018-7602 A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x.
network
low complexity
drupal debian
critical
 9.8
9.8