Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-14776 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | 6.8 |
| 2019-08-29 | CVE-2019-14534 | NULL Pointer Dereference vulnerability in multiple products In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | 4.3 |
| 2019-08-29 | CVE-2019-14533 | Use After Free vulnerability in multiple products The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | 6.8 |
| 2019-08-29 | CVE-2019-15807 | Memory Leak vulnerability in multiple products In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. | 4.7 |
| 2019-08-29 | CVE-2019-14535 | Divide By Zero vulnerability in multiple products A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. | 6.8 |
| 2019-08-29 | CVE-2019-14498 | Divide By Zero vulnerability in multiple products A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. | 6.8 |
| 2019-08-29 | CVE-2019-14438 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file. | 6.8 |
| 2019-08-29 | CVE-2019-14437 | Out-of-bounds Read vulnerability in multiple products The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. | 6.8 |
| 2019-08-27 | CVE-2019-13274 | Cross-site Scripting vulnerability in multiple products In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. | 4.3 |
| 2019-08-27 | CVE-2019-15666 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.19. | 4.4 |