Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-28 | CVE-2017-15407 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. | 8.8 |
| 2018-08-28 | CVE-2018-15911 | Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15910 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15909 | Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | 7.8 |
| 2018-08-27 | CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | 7.8 |
| 2018-08-27 | CVE-2018-10938 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. | 7.1 |
| 2018-08-24 | CVE-2018-14600 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. | 7.5 |
| 2018-08-24 | CVE-2018-14598 | Improper Input Validation vulnerability in multiple products An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. | 7.5 |
| 2018-08-23 | CVE-2018-15822 | Reachable Assertion vulnerability in multiple products The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | 7.5 |
| 2018-08-21 | CVE-2018-10902 | Use After Free vulnerability in multiple products It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. | 7.8 |