Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-25 CVE-2019-1010174 Command Injection vulnerability in multiple products
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection.
network
low complexity
cimg debian CWE-77
critical
 9.8
9.8
2019-07-19 CVE-2019-12815 Improper Handling of Exceptional Conditions vulnerability in multiple products
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
network
low complexity
proftpd fedoraproject debian siemens CWE-755
critical
 9.8
9.8
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8
2019-07-18 CVE-2019-13962 Out-of-bounds Read vulnerability in multiple products
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
network
low complexity
videolan opensuse debian canonical CWE-125
critical
 9.8
9.8
2019-07-17 CVE-2019-9848 Code Injection vulnerability in multiple products
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc.
network
low complexity
libreoffice canonical fedoraproject debian opensuse CWE-94
critical
 9.8
9.8
2019-07-11 CVE-2019-12525 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7.
network
low complexity
squid-cache debian opensuse fedoraproject canonical CWE-787
critical
 9.8
9.8
2019-07-11 CVE-2019-12838 SQL Injection vulnerability in multiple products
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
network
low complexity
schedmd debian fedoraproject opensuse CWE-89
critical
 9.8
9.8
2019-07-10 CVE-2019-13132 Out-of-bounds Write vulnerability in multiple products
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library.
network
low complexity
zeromq debian canonical fedoraproject CWE-787
critical
 9.8
9.8
2019-07-10 CVE-2019-13224 Use After Free vulnerability in multiple products
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression.
network
low complexity
oniguruma-project php fedoraproject debian canonical CWE-416
critical
 9.8
9.8
2019-07-03 CVE-2019-7165 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code.
network
low complexity
dosbox debian fedoraproject CWE-119
critical
 9.8
9.8