Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-18 CVE-2018-16515 Improper Verification of Cryptographic Signature vulnerability in multiple products
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
network
low complexity
matrix debian CWE-347
8.8
2018-09-18 CVE-2018-13982 Path Traversal vulnerability in multiple products
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization.
network
low complexity
smarty debian CWE-22
7.5
2018-09-17 CVE-2018-11781 Code Injection vulnerability in multiple products
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
local
low complexity
apache redhat debian canonical CWE-94
7.8
2018-09-16 CVE-2018-17101 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibTIFF 4.0.9.
network
low complexity
debian libtiff canonical CWE-787
8.8
2018-09-16 CVE-2018-17100 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in LibTIFF 4.0.9.
network
low complexity
debian libtiff canonical CWE-190
8.8
2018-09-14 CVE-2018-12086 Out-of-bounds Write vulnerability in multiple products
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
network
low complexity
opcfoundation debian CWE-787
7.5
2018-09-13 CVE-2018-16741 OS Command Injection vulnerability in multiple products
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project debian CWE-78
7.8
2018-09-12 CVE-2018-16981 Out-of-bounds Write vulnerability in multiple products
stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.
network
low complexity
nothings debian CWE-787
8.8
2018-09-12 CVE-2018-16949 Resource Exhaustion vulnerability in multiple products
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2.
network
low complexity
openafs debian CWE-400
7.5
2018-09-12 CVE-2018-16948 Information Exposure vulnerability in multiple products
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2.
network
low complexity
openafs debian CWE-200
7.5