Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-16 | CVE-2018-21016 | Out-of-bounds Read vulnerability in multiple products audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | 6.5 |
2019-09-16 | CVE-2018-21015 | NULL Pointer Dereference vulnerability in multiple products AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | 6.5 |
2019-09-15 | CVE-2019-16335 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. | 9.8 |
2019-09-15 | CVE-2019-14540 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. | 9.8 |
2019-09-15 | CVE-2019-16319 | Infinite Loop vulnerability in multiple products In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. | 7.5 |
2019-09-12 | CVE-2019-16275 | Origin Validation Error vulnerability in multiple products hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. | 6.5 |
2019-09-11 | CVE-2019-16237 | Origin Validation Error vulnerability in multiple products Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. | 7.5 |
2019-09-11 | CVE-2019-16236 | Missing Authorization vulnerability in multiple products Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. | 7.5 |
2019-09-11 | CVE-2019-16235 | Origin Validation Error vulnerability in multiple products Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala. | 7.5 |
2019-09-11 | CVE-2019-16223 | Cross-site Scripting vulnerability in multiple products WordPress before 5.2.3 allows XSS in post previews by authenticated users. | 5.4 |