Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-31 | CVE-2019-5010 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. | 7.5 |
2019-10-31 | CVE-2013-1910 | Improper Input Validation vulnerability in multiple products yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | 7.5 |
2019-10-31 | CVE-2009-5043 | Improper Handling of Exceptional Conditions vulnerability in multiple products burn allows file names to escape via mishandled quotation marks | 7.5 |
2019-10-31 | CVE-2009-5041 | Classic Buffer Overflow vulnerability in Debian Overkill overkill has buffer overflow via long player names that can corrupt data on the server machine | 7.5 |
2019-10-31 | CVE-2019-18423 | Off-by-one Error vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. | 8.8 |
2019-10-31 | CVE-2019-18422 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. | 8.8 |
2019-10-31 | CVE-2019-18421 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. | 7.5 |
2019-10-30 | CVE-2010-0748 | Improper Input Validation vulnerability in multiple products Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. | 7.5 |
2019-10-24 | CVE-2019-17596 | Interpretation Conflict vulnerability in multiple products Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. | 7.5 |
2019-10-24 | CVE-2019-18408 | Use After Free vulnerability in multiple products archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. | 7.5 |