Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-30 | CVE-2010-0206 | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 3.0317/3.0413/3.044 xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | 4.3 |
| 2019-10-30 | CVE-2018-5735 | Reachable Assertion vulnerability in Debian Linux 10.0/8.0/9.0 The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. | 5.0 |
| 2019-10-29 | CVE-2011-1408 | Link Following vulnerability in multiple products ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. | 6.4 |
| 2019-10-29 | CVE-2019-18603 | Use of Uninitialized Resource vulnerability in multiple products OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer. | 4.3 |
| 2019-10-29 | CVE-2019-18602 | Use of Uninitialized Resource vulnerability in multiple products OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer. | 5.0 |
| 2019-10-29 | CVE-2019-15681 | Improper Initialization vulnerability in multiple products LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. | 5.0 |
| 2019-10-29 | CVE-2011-4931 | Weak Password Requirements vulnerability in multiple products gpw generates shorter passwords than required | 5.0 |
| 2019-10-29 | CVE-2009-3723 | Incorrect Authorization vulnerability in multiple products asterisk allows calls on prohibited networks | 5.0 |
| 2019-10-28 | CVE-2012-5577 | Incorrect Default Permissions vulnerability in multiple products Python keyring lib before 0.10 created keyring files with world-readable permissions. | 5.0 |
| 2019-10-23 | CVE-2019-18281 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | 4.3 |