Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2018-14609 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.10. 		7.1
7.1
2018-07-26 CVE-2018-10879 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
canonical linux debian redhat CWE-416
7.8
7.8
2018-07-26 CVE-2018-10878 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
canonical linux debian redhat CWE-787
7.8
7.8
2018-07-26 CVE-2017-12163 Information Exposure vulnerability in multiple products
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.
low complexity
samba redhat debian CWE-200
7.1
7.1
2018-07-26 CVE-2018-10900 OS Command Injection vulnerability in multiple products
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack.
local
low complexity
gnome debian CWE-78
7.2
7.2
2018-07-26 CVE-2017-7558 Out-of-bounds Read vulnerability in multiple products
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13.
network
low complexity
linux debian CWE-125
7.5
7.5
2018-07-24 CVE-2018-10906 Improper Privilege Management vulnerability in multiple products
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active.
local
low complexity
debian fuse-project redhat CWE-269
7.8
7.8
2018-07-23 CVE-2018-1999010 Out-of-bounds Read vulnerability in multiple products
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data.
network
low complexity
ffmpeg debian CWE-125
7.5
7.5
2018-07-19 CVE-2017-7481 Improper Input Validation vulnerability in multiple products
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian CWE-20
7.5
7.5
2018-07-19 CVE-2018-14369 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5