Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2017-3136 Reachable Assertion vulnerability in multiple products
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate.
network
high complexity
isc redhat netapp debian CWE-617
5.9
5.9
2019-01-16 CVE-2017-3135 NULL Pointer Dereference vulnerability in multiple products
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer.
network
high complexity
isc redhat netapp debian CWE-476
5.9
5.9
2019-01-16 CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian netapp mariadb redhat
4.9
4.9
2019-01-16 CVE-2019-2529 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian canonical netapp mariadb redhat
6.5
6.5
2019-01-15 CVE-2018-14662 It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
low complexity
redhat debian opensuse canonical
5.7
5.7
2019-01-15 CVE-2018-16846 It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
network
low complexity
redhat debian opensuse canonical
6.5
6.5
2019-01-15 CVE-2019-3811 A vulnerability was found in sssd. 5.2
5.2
2019-01-11 CVE-2018-4181 In macOS High Sierra before 10.13.5, an issue existed in CUPS.
local
low complexity
apple canonical debian
5.5
5.5
2019-01-11 CVE-2019-6133 Race Condition vulnerability in multiple products
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached.
local
high complexity
polkit-project debian redhat canonical CWE-362
6.7
6.7
2019-01-10 CVE-2018-20685 Incorrect Authorization vulnerability in multiple products
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . 		5.3
5.3