Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-16163 Uncontrolled Recursion vulnerability in multiple products
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
7.5
2019-09-09 CVE-2019-16159 Out-of-bounds Write vulnerability in multiple products
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow.
network
low complexity
nic opensuse fedoraproject debian CWE-787
7.5
2019-09-08 CVE-2016-10937 Improper Certificate Validation vulnerability in multiple products
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
7.5
2019-09-06 CVE-2019-9854 Path Traversal vulnerability in multiple products
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc.
7.8
2019-09-06 CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. 7.5
2019-09-05 CVE-2018-21010 Out-of-bounds Write vulnerability in multiple products
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
network
low complexity
uclouvain debian CWE-787
8.8
2019-09-04 CVE-2019-15917 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.5.
local
high complexity
linux debian opensuse CWE-416
7.0
2019-09-03 CVE-2019-15892 Reachable Assertion vulnerability in multiple products
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1.
7.5
2019-09-03 CVE-2019-14817 Incorrect Authorization vulnerability in multiple products
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
7.8
2019-09-03 CVE-2019-14811 Incorrect Authorization vulnerability in multiple products
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
7.8