Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2019-10-31 CVE-2013-1910 Improper Input Validation vulnerability in multiple products
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.
network
low complexity
baseurl debian CWE-20
7.5
7.5
2019-10-31 CVE-2010-2490 Improper Input Validation vulnerability in multiple products
Mumble: murmur-server has DoS due to malformed client query
network
low complexity
mumble debian CWE-20
4.0
4.0
2019-10-31 CVE-2009-5043 Improper Handling of Exceptional Conditions vulnerability in multiple products
burn allows file names to escape via mishandled quotation marks
network
low complexity
burn-project debian CWE-755
7.5
7.5
2019-10-31 CVE-2009-5042 Exposure of Resource to Wrong Sphere vulnerability in multiple products
python-docutils allows insecure usage of temporary files
network
low complexity
python-docutils-project debian CWE-668
6.4
6.4
2019-10-31 CVE-2009-5041 Classic Buffer Overflow vulnerability in Debian Overkill
overkill has buffer overflow via long player names that can corrupt data on the server machine
network
low complexity
debian CWE-120
7.5
7.5
2019-10-31 CVE-2019-18425 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors.
network
low complexity
xen debian fedoraproject opensuse CWE-269
critical
 9.8
9.8
2019-10-31 CVE-2019-18424 OS Command Injection vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. 		6.8
6.8
2019-10-31 CVE-2019-18423 Off-by-one Error vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall.
network
low complexity
xen debian fedoraproject CWE-193
8.8
8.8
2019-10-31 CVE-2019-18422 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts.
network
low complexity
xen debian fedoraproject CWE-732
8.8
8.8
2019-10-31 CVE-2019-18421 Race Condition vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations.
network
high complexity
xen debian fedoraproject opensuse CWE-362
7.5
7.5