Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-07-05 CVE-2019-13295 Out-of-bounds Read vulnerability in multiple products
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
network
low complexity
imagemagick debian opensuse canonical CWE-125
8.8
8.8
2019-07-03 CVE-2019-5052 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4.
network
low complexity
libsdl debian opensuse canonical CWE-190
8.8
8.8
2019-07-03 CVE-2019-5051 Improper Handling of Exceptional Conditions vulnerability in multiple products
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4.
network
low complexity
libsdl debian opensuse canonical CWE-755
8.8
8.8
2019-07-03 CVE-2019-13164 qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
local
low complexity
qemu debian opensuse canonical
7.8
7.8
2019-07-01 CVE-2019-13135 Use of Uninitialized Resource vulnerability in multiple products
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
network
low complexity
imagemagick debian canonical f5 CWE-908
8.8
8.8
2019-06-28 CVE-2019-13031 XXE vulnerability in multiple products
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server.
network
high complexity
lemonldap-ng debian CWE-611
8.1
8.1
2019-06-27 CVE-2019-5836 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-787
8.8
8.8
2019-06-27 CVE-2019-5831 Out-of-bounds Write vulnerability in multiple products
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-787
8.8
8.8
2019-06-27 CVE-2019-5829 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-190
8.8
8.8
2019-06-27 CVE-2019-5828 Use After Free vulnerability in multiple products
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-416
8.8
8.8