Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-06 CVE-2019-18792 Interpretation Conflict vulnerability in multiple products
An issue was discovered in Suricata 5.0.0.
network
low complexity
oisf debian CWE-436
critical
 9.1
9.1
2020-01-03 CVE-2019-20330 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
network
low complexity
fasterxml oracle debian netapp CWE-502
critical
 9.8
9.8
2020-01-03 CVE-2020-5312 Classic Buffer Overflow vulnerability in multiple products
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
network
low complexity
python canonical debian fedoraproject CWE-120
critical
 9.8
9.8
2020-01-03 CVE-2020-5311 Classic Buffer Overflow vulnerability in multiple products
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
network
low complexity
python debian canonical fedoraproject CWE-120
critical
 9.8
9.8
2019-12-27 CVE-2019-20041 Improper Input Validation vulnerability in multiple products
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
network
low complexity
wordpress debian CWE-20
critical
 9.8
9.8
2019-12-24 CVE-2019-19953 Out-of-bounds Read vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
network
low complexity
graphicsmagick debian opensuse CWE-125
critical
 9.1
9.1
2019-12-24 CVE-2019-19951 Out-of-bounds Write vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
network
low complexity
graphicsmagick debian opensuse CWE-787
critical
 9.8
9.8
2019-12-24 CVE-2019-19950 Use After Free vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
network
low complexity
graphicsmagick debian opensuse CWE-416
critical
 9.8
9.8
2019-12-24 CVE-2019-19949 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
network
low complexity
imagemagick debian opensuse canonical CWE-125
critical
 9.1
9.1
2019-12-24 CVE-2019-19948 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
network
low complexity
imagemagick debian opensuse canonical CWE-787
critical
 9.8
9.8