Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-15 | CVE-2019-9851 | Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. | 9.8 |
| 2019-08-15 | CVE-2019-9850 | Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. | 9.8 |
| 2019-08-15 | CVE-2019-10081 | Out-of-bounds Write vulnerability in multiple products HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. | 7.5 |
| 2019-08-15 | CVE-2019-13377 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. | 5.9 |
| 2019-08-15 | CVE-2019-13223 | Reachable Assertion vulnerability in multiple products A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 5.5 |
| 2019-08-15 | CVE-2019-13222 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | 7.1 |
| 2019-08-15 | CVE-2019-13221 | Out-of-bounds Write vulnerability in multiple products A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | 7.8 |
| 2019-08-15 | CVE-2019-13220 | Use of Uninitialized Resource vulnerability in multiple products Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | 7.1 |
| 2019-08-15 | CVE-2019-13219 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 5.5 |
| 2019-08-15 | CVE-2019-13218 | Divide By Zero vulnerability in multiple products Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | 5.5 |