Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2019-07-23 CVE-2019-2769 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle debian canonical redhat hp mcafee opensuse
5.3
5.3
2019-07-23 CVE-2019-2762 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle canonical opensuse debian redhat mcafee hp
5.3
5.3
2019-07-23 CVE-2019-2745 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security).
local
high complexity
oracle debian canonical opensuse mcafee hp
5.1
5.1
2019-07-23 CVE-2019-9811 Injection vulnerability in multiple products
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation.
network
high complexity
mozilla debian novell opensuse CWE-74
8.3
8.3
2019-07-23 CVE-2019-11730 A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed.
network
low complexity
mozilla debian opensuse suse
6.5
6.5
2019-07-23 CVE-2019-11717 Improper Encoding or Escaping of Output vulnerability in multiple products
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes.
network
low complexity
mozilla debian novell opensuse CWE-116
5.3
5.3
2019-07-23 CVE-2019-11711 When an inner window is reused, it does not consider the use of document.domain for cross-origin protections.
network
low complexity
mozilla debian
8.8
8.8
2019-07-23 CVE-2019-11709 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7.
network
low complexity
mozilla opensuse suse debian CWE-787
7.5
7.5
2019-07-22 CVE-2019-9959 Integer Overflow or Wraparound vulnerability in multiple products
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
network
low complexity
freedesktop debian fedoraproject redhat CWE-190
6.5
6.5
2019-07-19 CVE-2019-12815 Improper Handling of Exceptional Conditions vulnerability in multiple products
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
network
low complexity
proftpd fedoraproject debian siemens CWE-755
critical
 9.8
9.8