Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16541 | Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-09-04 | CVE-2018-6554 | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | 4.9 |
| 2018-09-04 | CVE-2018-10930 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 4.0 |
| 2018-09-04 | CVE-2018-10929 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs2_create_req in glusterfs server. | 6.5 |
| 2018-09-04 | CVE-2018-10928 | Link Following vulnerability in multiple products A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. | 6.5 |
| 2018-09-04 | CVE-2018-10927 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. | 5.5 |
| 2018-09-04 | CVE-2018-10926 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. | 6.5 |
| 2018-09-04 | CVE-2018-10923 | Improper Input Validation vulnerability in multiple products It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. | 5.5 |
| 2018-09-04 | CVE-2018-10914 | NULL Pointer Dereference vulnerability in multiple products It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. | 4.0 |