Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-20 CVE-2018-12600 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
8.8
2018-06-20 CVE-2018-12599 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
8.8
2018-06-20 CVE-2018-10841 glusterfs is vulnerable to privilege escalation on gluster server nodes.
network
low complexity
gluster debian
8.8
8.8
2018-06-19 CVE-2018-10811 Missing Initialization of Resource vulnerability in multiple products
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. 		7.5
7.5
2018-06-19 CVE-2018-1061 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method.
network
low complexity
python debian redhat canonical fedoraproject
7.5
7.5
2018-06-19 CVE-2018-12565 Improper Input Validation vulnerability in multiple products
An issue was discovered in Linaro LAVA before 2018.5.post1.
network
low complexity
linaro debian CWE-20
8.8
8.8
2018-06-18 CVE-2018-1060 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method.
network
low complexity
python fedoraproject canonical redhat debian
7.5
7.5
2018-06-17 CVE-2018-12029 Race Condition vulnerability in multiple products
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured.
local
high complexity
phusion debian CWE-362
7.0
7.0
2018-06-13 CVE-2018-11806 Out-of-bounds Write vulnerability in multiple products
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
local
low complexity
qemu canonical redhat debian CWE-787
8.2
8.2
2018-06-13 CVE-2018-11406 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11.
network
low complexity
sensiolabs debian CWE-352
8.8
8.8