Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-07 | CVE-2018-16844 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. | 7.5 |
2018-11-07 | CVE-2018-16843 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. | 7.5 |
2018-11-07 | CVE-2018-19052 | Path Traversal vulnerability in multiple products An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. | 7.5 |
2018-11-06 | CVE-2018-16472 | Improper Input Validation vulnerability in multiple products A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack. | 7.5 |
2018-11-06 | CVE-2018-9516 | Out-of-bounds Write vulnerability in multiple products In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
2018-11-06 | CVE-2018-9422 | Use After Free vulnerability in multiple products In get_futex_key of futex.c, there is a use-after-free due to improper locking. | 7.8 |
2018-11-06 | CVE-2018-9363 | Integer Overflow or Wraparound vulnerability in multiple products In the hidp_process_report in bluetooth, there is an integer overflow. | 8.4 |
2018-11-06 | CVE-2014-10077 | Improper Input Validation vulnerability in multiple products Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash. | 7.5 |
2018-11-05 | CVE-2018-18820 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. | 8.1 |
2018-10-31 | CVE-2018-14651 | It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. | 8.8 |