Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-13727 | Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
| 2019-12-10 | CVE-2019-13726 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2019-12-10 | CVE-2019-13725 | Use After Free vulnerability in multiple products Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2019-12-10 | CVE-2012-1577 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in multiple products lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | 7.5 |
| 2019-12-10 | CVE-2013-4133 | Improper Resource Shutdown or Release vulnerability in multiple products kde-workspace before 4.10.5 has a memory leak in plasma desktop | 7.8 |
| 2019-12-08 | CVE-2019-19630 | Out-of-bounds Write vulnerability in multiple products HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. | 7.8 |
| 2019-12-08 | CVE-2019-19448 | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. | 7.8 |
| 2019-12-06 | CVE-2019-19617 | phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php. | 7.5 |
| 2019-12-05 | CVE-2019-16770 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. | 7.5 |
| 2019-12-05 | CVE-2019-19553 | Missing Initialization of Resource vulnerability in multiple products In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. | 7.5 |