Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-23 | CVE-2019-11287 | Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. | 7.5 |
| 2019-11-22 | CVE-2014-6310 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | 7.5 |
| 2019-11-21 | CVE-2019-19204 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. | 7.5 |
| 2019-11-20 | CVE-2015-3166 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. | 7.5 |
| 2019-11-20 | CVE-2019-3466 | Improper Privilege Management vulnerability in multiple products The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 7.2 |
| 2019-11-20 | CVE-2011-1028 | Improper Input Validation vulnerability in multiple products The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. | 7.5 |
| 2019-11-18 | CVE-2019-10172 | XXE vulnerability in multiple products A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. | 7.5 |
| 2019-11-18 | CVE-2019-19074 | Memory Leak vulnerability in multiple products A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | 7.5 |
| 2019-11-18 | CVE-2019-19052 | Memory Leak vulnerability in multiple products A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | 7.5 |
| 2019-11-15 | CVE-2011-2910 | Improper Privilege Management vulnerability in multiple products The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. | 7.2 |