Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-24 | CVE-2019-12384 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. | 5.9 |
2019-06-19 | CVE-2019-12814 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. | 5.9 |
2019-06-19 | CVE-2019-11040 | Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. | 6.4 |
2019-06-19 | CVE-2019-11039 | Out-of-bounds Read vulnerability in multiple products Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. | 6.4 |
2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |
2019-06-17 | CVE-2019-8323 | Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 5.0 |
2019-06-17 | CVE-2019-8322 | Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 5.0 |
2019-06-17 | CVE-2019-8321 | Argument Injection or Modification vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 5.0 |
2019-06-17 | CVE-2019-8325 | Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 5.0 |
2019-06-17 | CVE-2019-8324 | Code Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 6.8 |