Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-29 | CVE-2019-14379 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | 9.8 |
2019-07-28 | CVE-2019-14370 | Out-of-bounds Read vulnerability in multiple products In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. | 6.5 |
2019-07-28 | CVE-2019-14369 | Out-of-bounds Read vulnerability in multiple products Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. | 6.5 |
2019-07-26 | CVE-2019-13638 | OS Command Injection vulnerability in multiple products GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. | 7.8 |
2019-07-26 | CVE-2019-13565 | An issue was discovered in OpenLDAP 2.x before 2.4.48. | 7.5 |
2019-07-26 | CVE-2019-13057 | An issue was discovered in the server in OpenLDAP before 2.4.48. | 3.5 |
2019-07-26 | CVE-2019-14275 | Out-of-bounds Write vulnerability in multiple products Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. | 5.5 |
2019-07-25 | CVE-2019-13917 | Data Processing Errors vulnerability in multiple products Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). | 10.0 |
2019-07-25 | CVE-2019-1010174 | Command Injection vulnerability in multiple products CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. | 9.8 |
2019-07-23 | CVE-2019-2816 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). | 4.8 |