Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-6096 Improper Input Validation vulnerability in multiple products
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
network
low complexity
google debian redhat CWE-20
6.5
6.5
2019-01-09 CVE-2018-6093 Information Exposure vulnerability in multiple products
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian redhat CWE-200
6.5
6.5
2019-01-09 CVE-2018-6091 Data Processing Errors vulnerability in multiple products
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian redhat CWE-19
6.5
6.5
2019-01-09 CVE-2018-16067 Use After Free vulnerability in multiple products
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
6.5
6.5
2019-01-09 CVE-2018-16066 Use After Free vulnerability in multiple products
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
6.5
6.5
2019-01-08 CVE-2019-5719 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash.
local
low complexity
wireshark debian CWE-327
5.5
5.5
2019-01-08 CVE-2019-5718 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash.
local
low complexity
wireshark debian CWE-125
5.5
5.5
2019-01-08 CVE-2019-5717 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash.
local
low complexity
wireshark debian CWE-20
5.5
5.5
2019-01-08 CVE-2019-5716 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash.
local
low complexity
wireshark debian CWE-20
5.5
5.5
2019-01-03 CVE-2019-3701 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.
local
low complexity
linux debian canonical CWE-787
4.9
4.9