Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-29 CVE-2019-11500 Out-of-bounds Write vulnerability in multiple products
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings.
network
low complexity
dovecot debian fedoraproject CWE-787
critical
 9.8
9.8
2019-08-27 CVE-2019-13486 Out-of-bounds Write vulnerability in multiple products
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of   expansion in svcstatus.c.
network
low complexity
xymon debian CWE-787
critical
 9.8
9.8
2019-08-27 CVE-2019-13485 Out-of-bounds Write vulnerability in multiple products
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
network
low complexity
xymon debian CWE-787
critical
 9.8
9.8
2019-08-27 CVE-2019-13484 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of   expansion in appfeed.c.
network
low complexity
xymon debian CWE-119
critical
 9.8
9.8
2019-08-27 CVE-2019-13455 Out-of-bounds Write vulnerability in multiple products
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of   expansion in acknowledge.c.
network
low complexity
xymon debian CWE-787
critical
 9.8
9.8
2019-08-27 CVE-2019-13452 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
network
low complexity
xymon debian CWE-119
critical
 9.8
9.8
2019-08-27 CVE-2019-13451 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
network
low complexity
xymon debian CWE-119
critical
 9.8
9.8
2019-08-27 CVE-2019-13273 Out-of-bounds Write vulnerability in multiple products
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script.
network
low complexity
xymon debian CWE-787
critical
 9.8
9.8
2019-08-23 CVE-2019-15505 Out-of-bounds Read vulnerability in multiple products
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
network
low complexity
linux debian canonical CWE-125
critical
 9.8
9.8
2019-08-16 CVE-2019-5477 OS Command Injection vulnerability in multiple products
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method.
network
low complexity
nokogiri canonical debian CWE-78
critical
 9.8
9.8