Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-31 | CVE-2016-6328 | A vulnerability was found in libexif. | 8.1 |
2018-10-31 | CVE-2018-11759 | Path Traversal vulnerability in multiple products The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. | 7.5 |
2018-10-31 | CVE-2018-14653 | The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. | 8.8 |
2018-10-30 | CVE-2018-18281 | Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. | 7.8 |
2018-10-29 | CVE-2018-18718 | Double Free vulnerability in multiple products An issue was discovered in gThumb through 3.6.2. | 7.8 |
2018-10-26 | CVE-2018-15688 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. | 8.8 |
2018-10-26 | CVE-2018-15686 | Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. | 7.8 |
2018-10-26 | CVE-2018-18654 | Incorrect Permission Assignment for Critical Resource vulnerability in Debian Crossroads 2.81 Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. | 7.8 |
2018-10-24 | CVE-2016-10729 | Command Injection vulnerability in multiple products An issue was discovered in Amanda 3.3.1. | 7.8 |
2018-10-23 | CVE-2018-16837 | Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. | 7.8 |