Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-02-28 CVE-2019-1999 Double Free vulnerability in multiple products
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking.
local
low complexity
google debian canonical CWE-415
7.8
7.8
2019-02-28 CVE-2019-9214 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2019-02-28 CVE-2019-9208 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2019-02-27 CVE-2019-9210 Integer Overflow or Wraparound vulnerability in multiple products
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. 		7.8
7.8
2019-02-26 CVE-2019-9200 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary.
network
low complexity
freedesktop debian canonical CWE-787
8.8
8.8
2019-02-22 CVE-2019-9024 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
7.5
2019-02-22 CVE-2019-9022 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2.
network
low complexity
php debian canonical netapp CWE-125
7.5
7.5
2019-02-21 CVE-2019-8980 Memory Leak vulnerability in multiple products
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
network
low complexity
linux canonical opensuse debian CWE-401
7.5
7.5
2019-02-20 CVE-2018-5819 Resource Exhaustion vulnerability in multiple products
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
network
low complexity
libraw debian CWE-400
7.5
7.5
2019-02-20 CVE-2018-5818 Infinite Loop vulnerability in multiple products
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.
network
low complexity
libraw debian CWE-835
7.5
7.5