Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-05 | CVE-2018-11743 | Access of Uninitialized Pointer vulnerability in multiple products The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact. | 7.5 |
| 2018-06-05 | CVE-2018-1000180 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. | 7.5 |
| 2018-06-04 | CVE-2016-1000343 | Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. | 7.5 |
| 2018-05-29 | CVE-2018-11531 | Out-of-bounds Write vulnerability in multiple products Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | 7.5 |
| 2018-05-28 | CVE-2018-11506 | Out-of-bounds Write vulnerability in multiple products The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. | 7.8 |
| 2018-05-26 | CVE-2018-11490 | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. | 8.8 |
| 2018-05-23 | CVE-2018-1123 | Heap-based Buffer Overflow vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. | 7.5 |
| 2018-05-23 | CVE-2018-1126 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. | 7.5 |
| 2018-05-22 | CVE-2018-11362 | Out-of-bounds Read vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. | 7.5 |
| 2018-05-22 | CVE-2018-11360 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. | 7.5 |