Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2018-9263 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash.
network
low complexity
wireshark debian
7.5
2018-04-04 CVE-2018-9262 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9261 Excessive Iteration vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow.
network
low complexity
wireshark debian CWE-834
7.5
2018-04-04 CVE-2018-9260 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9259 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9258 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9256 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-03 CVE-2018-9240 NULL Pointer Dereference vulnerability in multiple products
ncmpc through 0.29 is prone to a NULL pointer dereference flaw.
network
low complexity
ncmpc-project debian canonical CWE-476
7.5
2018-04-03 CVE-2018-8780 Path Traversal vulnerability in Ruby-Lang Ruby
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters.
network
low complexity
ruby-lang canonical debian CWE-22
7.5
2018-04-03 CVE-2018-0493 Use After Free vulnerability in multiple products
remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.
network
low complexity
eyrie debian CWE-416
7.2