Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-17 | CVE-2018-14355 | Path Traversal vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. | 5.3 |
| 2018-07-17 | CVE-2018-14347 | Infinite Loop vulnerability in multiple products GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). | 6.5 |
| 2018-07-16 | CVE-2018-0360 | Integer Overflow or Wraparound vulnerability in multiple products ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. | 5.5 |
| 2018-07-16 | CVE-2014-2079 | Permissions, Privileges, and Access Controls vulnerability in multiple products X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. | 5.5 |
| 2018-07-15 | CVE-2018-14056 | Path Traversal vulnerability in multiple products ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. | 5.3 |
| 2018-07-15 | CVE-2018-14055 | Improper Input Validation vulnerability in multiple products ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. | 6.5 |
| 2018-07-13 | CVE-2018-14040 | Cross-site Scripting vulnerability in multiple products In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | 6.1 |
| 2018-07-10 | CVE-2018-1116 | Missing Authorization vulnerability in multiple products A flaw was found in polkit before version 0.116. | 4.4 |
| 2018-07-10 | CVE-2018-1129 | Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. | 6.5 |
| 2018-07-10 | CVE-2018-10888 | Out-of-bounds Read vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. | 6.5 |