Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-17 | CVE-2018-14346 | Out-of-bounds Write vulnerability in multiple products GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). | 8.8 |
| 2018-07-17 | CVE-2018-14337 | Integer Overflow or Wraparound vulnerability in multiple products The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length. | 7.5 |
| 2018-07-16 | CVE-2018-10857 | Information Exposure vulnerability in multiple products git-annex is vulnerable to a private data exposure and exfiltration attack. | 7.5 |
| 2018-07-16 | CVE-2018-10859 | Information Exposure vulnerability in multiple products git-annex is vulnerable to an Information Exposure when decrypting files. | 7.5 |
| 2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
| 2018-07-11 | CVE-2018-11529 | Use After Free vulnerability in multiple products VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. | 8.0 |
| 2018-07-10 | CVE-2018-1128 | Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. | 7.5 |
| 2018-07-10 | CVE-2018-10887 | Incorrect Conversion between Numeric Types vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. | 8.1 |
| 2018-07-10 | CVE-2018-10861 | Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. | 8.1 |
| 2018-07-06 | CVE-2018-13406 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | 7.8 |