Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-03-11 CVE-2019-9656 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in LibOFX 0.9.14.
network
low complexity
libofx-project debian canonical CWE-476
8.8
8.8
2019-03-09 CVE-2019-9640 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php canonical debian opensuse netapp redhat CWE-125
7.5
7.5
2019-03-09 CVE-2019-9639 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp redhat CWE-909
7.5
7.5
2019-03-09 CVE-2019-9638 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp redhat CWE-125
7.5
7.5
2019-03-09 CVE-2019-9637 Permissions, Privileges, and Access Controls vulnerability in multiple products
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-264
7.5
7.5
2019-03-07 CVE-2019-7175 Memory Leak vulnerability in multiple products
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
network
low complexity
imagemagick opensuse debian canonical CWE-401
7.5
7.5
2019-02-28 CVE-2018-12397 Information Exposure vulnerability in multiple products
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user.
local
low complexity
mozilla redhat debian canonical CWE-200
7.1
7.1
2019-02-28 CVE-2018-12395 By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting.
network
low complexity
mozilla debian canonical redhat
7.5
7.5
2019-02-28 CVE-2018-12393 Integer Overflow or Wraparound vulnerability in multiple products
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion.
network
low complexity
mozilla debian canonical redhat CWE-190
7.5
7.5
2019-02-28 CVE-2018-12389 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2.
network
low complexity
mozilla debian canonical redhat CWE-119
8.8
8.8