Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8867 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-14816 | 7 Canonical, Debian, Fedoraproject and 4 more | 60 Ubuntu Linux, Debian Linux, Fedora and 57 more | 2024-08-05 | 7.8 High |
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||||
CVE-2019-14896 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-08-05 | 9.8 Critical |
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. | ||||
CVE-2019-14814 | 6 Canonical, Debian, Linux and 3 more | 50 Ubuntu Linux, Debian Linux, Linux Kernel and 47 more | 2024-08-05 | 7.8 High |
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||||
CVE-2019-14813 | 5 Artifex, Debian, Fedoraproject and 2 more | 13 Ghostscript, Debian Linux, Fedora and 10 more | 2024-08-05 | 9.8 Critical |
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. | ||||
CVE-2019-14777 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-08-05 | N/A |
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | ||||
CVE-2019-14776 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-08-05 | N/A |
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | ||||
CVE-2019-14811 | 5 Artifex, Debian, Fedoraproject and 2 more | 7 Ghostscript, Debian Linux, Fedora and 4 more | 2024-08-05 | 7.8 High |
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. | ||||
CVE-2019-14744 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-08-05 | 7.8 High |
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. | ||||
CVE-2019-14778 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-08-05 | N/A |
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | ||||
CVE-2019-14586 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-08-05 | 8.0 High |
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access. | ||||
CVE-2019-14540 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 28 Debian Linux, Jackson-databind, Fedora and 25 more | 2024-08-05 | 9.8 Critical |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | ||||
CVE-2019-14535 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-08-05 | N/A |
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file. | ||||
CVE-2019-14438 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-08-05 | N/A |
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file. | ||||
CVE-2019-14563 | 3 Debian, Redhat, Tianocore | 3 Debian Linux, Enterprise Linux, Edk2 | 2024-08-05 | 7.8 High |
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
CVE-2019-14558 | 2 Debian, Intel | 56 Debian Linux, Bios, Celeron 4205u and 53 more | 2024-08-05 | 5.7 Medium |
Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
CVE-2019-14587 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-08-05 | 6.5 Medium |
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
CVE-2019-14493 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2024-08-05 | 7.5 High |
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp. | ||||
CVE-2019-14562 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-08-05 | 5.5 Medium |
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | ||||
CVE-2019-14439 | 6 Apache, Debian, Fasterxml and 3 more | 20 Drill, Debian Linux, Jackson-databind and 17 more | 2024-08-05 | 7.5 High |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. | ||||
CVE-2019-14463 | 3 Debian, Fedoraproject, Libmodbus | 3 Debian Linux, Fedora, Libmodbus | 2024-08-05 | 9.1 Critical |
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. |