Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-12-04 CVE-2018-6086 Use After Free vulnerability in multiple products
A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2018-12-04 CVE-2018-6085 Use After Free vulnerability in multiple products
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2018-12-03 CVE-2018-19824 Use After Free vulnerability in multiple products
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
local
low complexity
linux canonical debian CWE-416
7.8
7.8
2018-12-03 CVE-2018-19788 Improper Input Validation vulnerability in multiple products
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
network
low complexity
polkit-project debian canonical CWE-20
8.8
8.8
2018-11-29 CVE-2018-8789 Out-of-bounds Read vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
network
low complexity
freerdp canonical debian CWE-125
7.5
7.5
2018-11-29 CVE-2018-19662 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libsndfile 1.0.28.
network
low complexity
libsndfile-project debian CWE-125
8.1
8.1
2018-11-29 CVE-2018-19628 Divide By Zero vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash.
network
low complexity
wireshark debian CWE-369
7.5
7.5
2018-11-29 CVE-2018-19627 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-11-29 CVE-2018-19623 Out-of-bounds Write vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash.
network
low complexity
wireshark debian CWE-787
7.5
7.5
2018-11-29 CVE-2018-19622 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5