Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-14342 Excessive Iteration vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop.
network
low complexity
wireshark debian CWE-834
7.5
7.5
2018-07-19 CVE-2018-14341 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-19 CVE-2018-14340 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-07-19 CVE-2018-14339 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-18 CVE-2018-3064 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical debian mariadb
7.1
7.1
2018-07-18 CVE-2018-10871 Cleartext Storage of Sensitive Information vulnerability in multiple products
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information.
network
low complexity
fedoraproject debian CWE-312
7.2
7.2
2018-07-17 CVE-2018-14363 Path Traversal vulnerability in multiple products
An issue was discovered in NeoMutt before 2018-07-16.
network
low complexity
debian neomutt CWE-22
7.5
7.5
2018-07-17 CVE-2018-14346 Out-of-bounds Write vulnerability in multiple products
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
network
low complexity
debian gnu CWE-787
8.8
8.8
2018-07-17 CVE-2018-14337 Integer Overflow or Wraparound vulnerability in multiple products
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.
network
low complexity
mruby debian CWE-190
7.5
7.5
2018-07-16 CVE-2018-10857 Information Exposure vulnerability in multiple products
git-annex is vulnerable to a private data exposure and exfiltration attack.
network
low complexity
git-annex-project debian CWE-200
7.5
7.5