Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-08 | CVE-2019-11010 | Memory Leak vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. | 4.3 |
2019-04-08 | CVE-2019-11009 | Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. | 5.8 |
2019-04-08 | CVE-2019-11006 | Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. | 6.4 |
2019-04-07 | CVE-2019-10732 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 4.3 |
2019-04-06 | CVE-2019-10904 | Cross-site Scripting vulnerability in multiple products Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors. | 4.3 |
2019-04-05 | CVE-2019-10868 | Missing Authorization vulnerability in multiple products In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. | 4.0 |
2019-04-04 | CVE-2018-10242 | Out-of-bounds Read vulnerability in multiple products Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. | 5.0 |
2019-03-30 | CVE-2019-10650 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | 5.8 |
2019-03-30 | CVE-2019-10649 | Memory Leak vulnerability in multiple products In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file. | 5.5 |
2019-03-27 | CVE-2017-7655 | NULL Pointer Dereference vulnerability in multiple products In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in the Mosquitto library which could lead to crashes for those applications using the library. | 5.0 |