Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-19 | CVE-2019-5766 | Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2019-02-19 | CVE-2019-5765 | Cleartext Storage of Sensitive Information vulnerability in multiple products An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. | 5.5 |
2019-02-19 | CVE-2019-5754 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. | 6.5 |
2019-02-18 | CVE-2019-8907 | Out-of-bounds Write vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. | 6.8 |
2019-02-17 | CVE-2016-10742 | Open Redirect vulnerability in multiple products Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter. | 5.8 |
2019-02-15 | CVE-2019-8354 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in SoX 14.4.2. | 5.0 |
2019-02-12 | CVE-2019-8308 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. | 4.4 |
2019-02-11 | CVE-2018-15587 | Improper Verification of Cryptographic Signature vulnerability in multiple products GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment. | 4.3 |
2019-02-09 | CVE-2019-7665 | Out-of-bounds Read vulnerability in multiple products In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. | 4.3 |
2019-02-09 | CVE-2019-7663 | An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. | 4.3 |