Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-06 | CVE-2018-20763 | Out-of-bounds Write vulnerability in multiple products In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | 6.8 |
2019-02-06 | CVE-2018-20762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. | 6.8 |
2019-02-06 | CVE-2018-20761 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. | 6.8 |
2019-02-06 | CVE-2018-20760 | Out-of-bounds Write vulnerability in multiple products In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | 6.8 |
2019-02-06 | CVE-2019-7548 | SQL Injection vulnerability in multiple products SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | 6.8 |
2019-02-05 | CVE-2018-18506 | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. | 5.9 |
2019-02-05 | CVE-2018-8799 | Out-of-bounds Read vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). | 5.0 |
2019-02-05 | CVE-2018-8798 | Out-of-bounds Read vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. | 5.0 |
2019-02-05 | CVE-2018-8796 | Out-of-bounds Read vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). | 5.0 |
2019-02-05 | CVE-2018-8792 | Out-of-bounds Read vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault). | 5.0 |