Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8867 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13732 | 4 Debian, Fedoraproject, Google and 1 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2024-08-05 | 8.8 High |
| Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-13751 | 5 Canonical, Debian, Fedoraproject and 2 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-08-05 | 6.5 Medium |
| Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2019-13741 | 4 Debian, Fedoraproject, Google and 1 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2024-08-05 | 8.8 High |
| Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content. | ||||
| CVE-2019-13750 | 5 Canonical, Debian, Fedoraproject and 2 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-08-05 | 6.5 Medium |
| Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. | ||||
| CVE-2019-13758 | 4 Debian, Fedoraproject, Google and 1 more | 9 Debian Linux, Fedora, Android and 6 more | 2024-08-05 | 4.3 Medium |
| Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||||
| CVE-2019-13638 | 3 Debian, Gnu, Redhat | 7 Debian Linux, Patch, Enterprise Linux and 4 more | 2024-08-04 | N/A |
| GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. | ||||
| CVE-2019-13627 | 5 Canonical, Debian, Libgcrypt20 Project and 2 more | 5 Ubuntu Linux, Debian Linux, Libgcrypt20 and 2 more | 2024-08-04 | 6.3 Medium |
| It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. | ||||
| CVE-2019-13619 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-08-04 | 7.5 High |
| In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments. | ||||
| CVE-2019-13626 | 4 Debian, Fedoraproject, Libsdl and 1 more | 4 Debian Linux, Fedora, Libsdl and 1 more | 2024-08-04 | 6.5 Medium |
| SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. | ||||
| CVE-2019-13616 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2024-08-04 | 8.1 High |
| SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | ||||
| CVE-2019-13602 | 4 Canonical, Debian, Opensuse and 1 more | 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more | 2024-08-04 | 7.8 High |
| An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | ||||
| CVE-2019-13565 | 7 Apple, Canonical, Debian and 4 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2024-08-04 | 7.5 High |
| An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. | ||||
| CVE-2019-13574 | 2 Debian, Minimagick Project | 2 Debian Linux, Minimagick | 2024-08-04 | N/A |
| In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. | ||||
| CVE-2019-13484 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-04 | N/A |
| In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c. | ||||
| CVE-2019-13485 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-04 | N/A |
| In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. | ||||
| CVE-2019-13504 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-08-04 | 6.5 Medium |
| There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | ||||
| CVE-2019-13486 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-04 | N/A |
| In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | ||||
| CVE-2019-13454 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | ||||
| CVE-2019-13455 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-04 | N/A |
| In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. | ||||
| CVE-2019-13451 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-04 | N/A |
| In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | ||||