Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-27 | CVE-2019-5818 | Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. | 6.5 |
| 2019-06-27 | CVE-2019-5814 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2019-06-27 | CVE-2019-5810 | Cleartext Storage of Sensitive Information vulnerability in multiple products Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2019-06-27 | CVE-2019-5805 | Use After Free vulnerability in multiple products Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 6.5 |
| 2019-06-26 | CVE-2019-12976 | Memory Leak vulnerability in multiple products ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. | 5.5 |
| 2019-06-26 | CVE-2019-12975 | Memory Leak vulnerability in multiple products ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. | 5.5 |
| 2019-06-26 | CVE-2019-12973 | Excessive Iteration vulnerability in multiple products In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. | 5.5 |
| 2019-06-24 | CVE-2019-12384 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. | 5.9 |
| 2019-06-19 | CVE-2019-12814 | Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. | 5.9 |
| 2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |