Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-23 CVE-2019-2816 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle debian opensuse hp mcafee canonical redhat
4.8
4.8
2019-07-23 CVE-2019-2769 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle debian canonical redhat hp mcafee opensuse
5.3
5.3
2019-07-23 CVE-2019-2762 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle canonical opensuse debian redhat mcafee hp
5.3
5.3
2019-07-23 CVE-2019-2745 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security).
local
high complexity
oracle debian canonical opensuse mcafee hp
5.1
5.1
2019-07-23 CVE-2019-11730 A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed.
network
low complexity
mozilla debian opensuse suse
6.5
6.5
2019-07-23 CVE-2019-11717 Improper Encoding or Escaping of Output vulnerability in multiple products
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes.
network
low complexity
mozilla debian novell opensuse CWE-116
5.3
5.3
2019-07-22 CVE-2019-9959 Integer Overflow or Wraparound vulnerability in multiple products
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
network
low complexity
freedesktop debian fedoraproject redhat CWE-190
6.5
6.5
2019-07-18 CVE-2019-1010065 Integer Overflow or Wraparound vulnerability in multiple products
The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow.
network
low complexity
sleuthkit fedoraproject debian CWE-190
6.5
6.5
2019-07-18 CVE-2019-1010069 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control.
local
low complexity
moinejf debian CWE-119
5.5
5.5
2019-07-17 CVE-2019-13626 Out-of-bounds Read vulnerability in multiple products
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.
network
low complexity
libsdl fedoraproject debian opensuse CWE-125
6.5
6.5