Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-13 CVE-2018-10850 Race Condition vulnerability in multiple products
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. 		7.1
7.1
2018-06-13 CVE-2018-11806 Out-of-bounds Write vulnerability in multiple products
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
local
low complexity
qemu canonical redhat debian CWE-787
7.2
7.2
2018-06-13 CVE-2018-11406 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11.
network
low complexity
sensiolabs debian CWE-352
8.8
8.8
2018-06-13 CVE-2018-11385 Session Fixation vulnerability in multiple products
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11.
network
high complexity
sensiolabs debian fedoraproject CWE-384
8.1
8.1
2018-06-12 CVE-2018-0732 Key Management Errors vulnerability in multiple products
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client.
network
low complexity
openssl debian canonical nodejs CWE-320
7.5
7.5
2018-06-11 CVE-2018-5183 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers backported selected changes in the Skia library.
network
low complexity
redhat debian canonical mozilla CWE-119
7.5
7.5
2018-06-11 CVE-2018-5159 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes.
network
low complexity
debian redhat mozilla canonical CWE-190
7.5
7.5
2018-06-11 CVE-2018-5155 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
7.5
2018-06-11 CVE-2018-5154 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
7.5
2018-06-11 CVE-2018-5150 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7.
network
low complexity
debian redhat mozilla canonical CWE-119
7.5
7.5