Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-05 | CVE-2019-15946 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | 6.4 |
| 2019-09-05 | CVE-2019-15945 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | 6.4 |
| 2019-09-05 | CVE-2019-15939 | Divide By Zero vulnerability in multiple products An issue was discovered in OpenCV 4.1.0. | 5.9 |
| 2019-09-04 | CVE-2019-15902 | Information Exposure vulnerability in multiple products A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. | 5.6 |
| 2019-09-03 | CVE-2015-9383 | Out-of-bounds Read vulnerability in multiple products FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. | 6.5 |
| 2019-09-03 | CVE-2015-9382 | Out-of-bounds Read vulnerability in multiple products FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. | 6.5 |
| 2019-08-29 | CVE-2019-14534 | NULL Pointer Dereference vulnerability in multiple products In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | 5.5 |
| 2019-08-29 | CVE-2019-15807 | Memory Leak vulnerability in multiple products In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. | 4.7 |
| 2019-08-27 | CVE-2019-13274 | Cross-site Scripting vulnerability in multiple products In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. | 6.1 |
| 2019-08-27 | CVE-2019-15666 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.19. | 4.4 |