Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-26 | CVE-2017-12163 | An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. | 7.1 |
| 2018-07-26 | CVE-2018-10900 | OS Command Injection vulnerability in multiple products Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. | 7.8 |
| 2018-07-26 | CVE-2017-7558 | A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. | 7.5 |
| 2018-07-24 | CVE-2018-10906 | Improper Privilege Management vulnerability in multiple products In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. | 7.8 |
| 2018-07-20 | CVE-2018-14447 | Out-of-bounds Read vulnerability in multiple products trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. | 8.8 |
| 2018-07-19 | CVE-2018-14423 | Divide By Zero vulnerability in multiple products Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). | 7.5 |
| 2018-07-19 | CVE-2018-14404 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. | 7.5 |
| 2018-07-19 | CVE-2018-14369 | Improper Input Validation vulnerability in multiple products In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. | 7.5 |
| 2018-07-19 | CVE-2018-14368 | Infinite Loop vulnerability in multiple products In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. | 7.5 |
| 2018-07-19 | CVE-2018-14343 | Integer Overflow or Wraparound vulnerability in multiple products In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. | 7.5 |