Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-14423 Divide By Zero vulnerability in multiple products
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
network
low complexity
uclouvain debian CWE-369
7.5
2018-07-19 CVE-2018-14404 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.
network
low complexity
canonical debian xmlsoft CWE-476
7.5
2018-07-19 CVE-2018-14369 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-07-19 CVE-2018-14368 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2018-07-19 CVE-2018-14343 Integer Overflow or Wraparound vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash.
network
low complexity
wireshark debian CWE-190
7.5
2018-07-19 CVE-2018-14342 Excessive Iteration vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop.
network
low complexity
wireshark debian CWE-834
7.5
2018-07-19 CVE-2018-14341 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2018-07-19 CVE-2018-14340 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash.
network
low complexity
wireshark debian CWE-125
7.5
2018-07-19 CVE-2018-14339 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2018-07-18 CVE-2018-3064 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical debian mariadb
7.1