Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2015-9383 | Out-of-bounds Read vulnerability in multiple products FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. | 6.5 |
| 2019-09-03 | CVE-2015-9382 | Out-of-bounds Read vulnerability in multiple products FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. | 4.3 |
| 2019-09-03 | CVE-2015-9381 | Out-of-bounds Read vulnerability in multiple products FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. | 6.8 |
| 2019-08-29 | CVE-2019-14970 | Out-of-bounds Write vulnerability in multiple products A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | 6.8 |
| 2019-08-29 | CVE-2019-14778 | Use After Free vulnerability in multiple products The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | 6.8 |
| 2019-08-29 | CVE-2019-14777 | Use After Free vulnerability in multiple products The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | 6.8 |
| 2019-08-29 | CVE-2019-14776 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | 6.8 |
| 2019-08-29 | CVE-2019-14534 | NULL Pointer Dereference vulnerability in multiple products In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | 4.3 |
| 2019-08-29 | CVE-2019-14533 | Use After Free vulnerability in multiple products The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | 6.8 |
| 2019-08-29 | CVE-2019-15807 | Memory Leak vulnerability in multiple products In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. | 4.7 |