Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-10906 Improper Privilege Management vulnerability in multiple products
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active.
local
low complexity
debian fuse-project redhat CWE-269
7.8
7.8
2018-07-23 CVE-2018-1999010 Out-of-bounds Read vulnerability in multiple products
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data.
network
low complexity
ffmpeg debian CWE-125
7.5
7.5
2018-07-19 CVE-2017-7481 Improper Input Validation vulnerability in multiple products
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian CWE-20
7.5
7.5
2018-07-19 CVE-2018-14369 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-07-19 CVE-2018-14368 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-19 CVE-2018-14343 Integer Overflow or Wraparound vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash.
network
low complexity
wireshark debian CWE-190
7.5
7.5
2018-07-19 CVE-2018-14342 Excessive Iteration vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop.
network
low complexity
wireshark debian CWE-834
7.5
7.5
2018-07-19 CVE-2018-14341 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-19 CVE-2018-14340 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-07-19 CVE-2018-14339 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5