Vulnerabilities > Debian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-06 | CVE-2019-3463 | Argument Injection or Modification vulnerability in multiple products Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. | 9.8 |
| 2019-02-05 | CVE-2018-18505 | Improper Authentication vulnerability in multiple products An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. | 10.0 |
| 2019-02-05 | CVE-2018-18501 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. | 9.8 |
| 2019-02-05 | CVE-2018-18500 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. | 9.8 |
| 2019-02-05 | CVE-2018-8800 | Out-of-bounds Write vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. | 9.8 |
| 2019-02-05 | CVE-2018-8797 | Out-of-bounds Write vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. | 9.8 |
| 2019-02-05 | CVE-2018-8795 | Integer Overflow or Wraparound vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution. | 9.8 |
| 2019-02-05 | CVE-2018-8794 | Integer Overflow or Wraparound vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution. | 9.8 |
| 2019-02-05 | CVE-2018-8793 | Out-of-bounds Write vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. | 9.8 |
| 2019-02-05 | CVE-2018-4056 | SQL Injection vulnerability in multiple products An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. | 9.8 |