Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-02 | CVE-2018-13054 | Link Following vulnerability in multiple products An issue was discovered in Cinnamon 1.9.2 through 3.8.6. | 5.8 |
2018-07-02 | CVE-2018-13053 | Integer Overflow or Wraparound vulnerability in Linux Kernel The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | 2.1 |
2018-07-01 | CVE-2018-13043 | Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. | 7.5 |
2018-06-29 | CVE-2018-10860 | Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. | 6.4 |
2018-06-29 | CVE-2018-13006 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 7.5 |
2018-06-29 | CVE-2018-13005 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 7.5 |
2018-06-26 | CVE-2018-12895 | Path Traversal vulnerability in multiple products WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. | 6.5 |
2018-06-26 | CVE-2018-3760 | Information Exposure vulnerability in multiple products There is an information leak vulnerability in Sprockets. | 5.0 |
2018-06-26 | CVE-2017-7658 | HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. | 9.8 |
2018-06-26 | CVE-2018-1000550 | Path Traversal vulnerability in multiple products The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. | 7.5 |