Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-16 | CVE-2018-10859 | Information Exposure vulnerability in multiple products git-annex is vulnerable to an Information Exposure when decrypting files. | 7.5 |
| 2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
| 2018-07-11 | CVE-2018-11529 | Use After Free vulnerability in multiple products VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. | 8.0 |
| 2018-07-10 | CVE-2018-1128 | Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. | 7.5 |
| 2018-07-10 | CVE-2018-10887 | Incorrect Conversion between Numeric Types vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. | 8.1 |
| 2018-07-10 | CVE-2018-10861 | Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. | 8.1 |
| 2018-07-06 | CVE-2018-13406 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | 7.8 |
| 2018-07-06 | CVE-2018-13405 | Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. | 7.8 |
| 2018-07-05 | CVE-2018-13302 | Improper Validation of Array Index vulnerability in multiple products In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact. | 8.8 |
| 2018-07-05 | CVE-2018-13300 | Out-of-bounds Read vulnerability in multiple products In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure. | 8.1 |