Vulnerabilities > Debian > Debian Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-26 | CVE-2018-1000544 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. | 7.5 |
2018-06-26 | CVE-2018-1000517 | Classic Buffer Overflow vulnerability in multiple products BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. | 7.5 |
2018-06-26 | CVE-2017-7656 | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. | 7.5 |
2018-06-20 | CVE-2018-12601 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | 7.5 |
2018-06-20 | CVE-2018-10841 | Authentication Bypass Using an Alternate Path or Channel vulnerability in multiple products glusterfs is vulnerable to privilege escalation on gluster server nodes. | 8.8 |
2018-06-19 | CVE-2018-10811 | Missing Initialization of Resource vulnerability in multiple products strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. | 7.5 |
2018-06-19 | CVE-2018-1061 | python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. | 7.5 |
2018-06-18 | CVE-2018-1060 | python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. | 7.5 |
2018-06-17 | CVE-2018-11219 | Integer Overflow or Wraparound vulnerability in multiple products An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | 7.5 |
2018-06-17 | CVE-2018-11218 | Out-of-bounds Write vulnerability in multiple products Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. | 7.5 |