Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-31 | CVE-2019-14462 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. | 9.1 |
2019-07-31 | CVE-2019-10185 | Path Traversal vulnerability in multiple products It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. | 8.6 |
2019-07-31 | CVE-2019-10181 | Insufficient Verification of Data Authenticity vulnerability in multiple products It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. | 8.1 |
2019-07-31 | CVE-2019-14459 | Integer Overflow or Wraparound vulnerability in multiple products nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). | 7.5 |
2019-07-30 | CVE-2019-10156 | Information Exposure vulnerability in multiple products A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. | 5.5 |
2019-07-30 | CVE-2019-14380 | Out-of-bounds Read vulnerability in multiple products libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. | 6.5 |
2019-07-30 | CVE-2019-14443 | Divide By Zero vulnerability in multiple products An issue was discovered in Libav 12.3. | 6.5 |
2019-07-30 | CVE-2019-14442 | Infinite Loop vulnerability in multiple products In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. | 6.5 |
2019-07-30 | CVE-2019-14439 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. | 7.5 |
2019-07-29 | CVE-2019-14271 | Improper Initialization vulnerability in multiple products In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. | 7.5 |