Product:

Debian_linux

(Debian)
Repositories https://github.com/torvalds/linux
https://github.com/WordPress/WordPress
https://github.com/rdesktop/rdesktop
https://github.com/FFmpeg/FFmpeg
https://github.com/neomutt/neomutt
https://github.com/ImageMagick/ImageMagick
https://github.com/FasterXML/jackson-databind
https://github.com/redmine/redmine
https://github.com/rubygems/rubygems
https://github.com/dbry/WavPack
https://github.com/bcgit/bc-java
https://github.com/krb5/krb5
https://github.com/kyz/libmspack
https://github.com/libgd/libgd
https://github.com/gpac/gpac
https://github.com/mantisbt/mantisbt
https://github.com/newsoft/libvncserver
https://github.com/uriparser/uriparser
https://github.com/FreeRDP/FreeRDP
https://github.com/ceph/ceph
https://github.com/LibRaw/LibRaw
https://github.com/verdammelt/tnef
https://github.com/php/php-src
https://github.com/antirez/redis
https://github.com/Perl/perl5
https://github.com/Yeraze/ytnef
https://github.com/ARMmbed/mbedtls
https://github.com/OTRS/otrs
https://github.com/LibVNC/libvncserver
https://github.com/libgit2/libgit2
https://github.com/openssl/openssl
https://github.com/mdadams/jasper
https://github.com/inspircd/inspircd
https://github.com/python-pillow/Pillow
https://github.com/perl5-dbi/DBD-mysql
https://github.com/libevent/libevent
https://github.com/ntp-project/ntp
https://github.com/curl/curl
https://github.com/szukw000/openjpeg
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/dovecot/core
https://github.com/kamailio/kamailio
https://github.com/mm2/Little-CMS
https://github.com/znc/znc
https://github.com/memcached/memcached
https://github.com/uclouvain/openjpeg
https://github.com/vadz/libtiff
https://github.com/horde/horde
https://github.com/mono/mono
https://github.com/derickr/timelib
https://github.com/libarchive/libarchive
https://github.com/openbsd/src
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/beanshell/beanshell
https://github.com/dom4j/dom4j
https://github.com/golang/go
https://github.com/sleuthkit/sleuthkit
https://github.com/zhutougg/c3p0
https://github.com/flori/json
https://github.com/symfony/symfony
https://github.com/akrennmair/newsbeuter
https://github.com/simplesamlphp/simplesamlphp
https://github.com/apple/cups
https://github.com/phusion/passenger
https://github.com/eldy/awstats
https://github.com/libyal/libevt
https://github.com/jcupitt/libvips
https://github.com/paramiko/paramiko
https://github.com/simplesamlphp/saml2
https://github.com/DanBloomberg/leptonica
https://github.com/anymail/django-anymail
https://github.com/mpv-player/mpv
https://github.com/python/cpython
https://github.com/lxml/lxml
https://github.com/git/git
https://github.com/TeX-Live/texlive-source
https://github.com/ImageMagick/ImageMagick6
https://github.com/resiprocate/resiprocate
https://github.com/vim-syntastic/syntastic
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/gosa-project/gosa-core
https://github.com/Cisco-Talos/clamav-devel
https://github.com/GNOME/librsvg
https://github.com/apache/httpd
https://github.com/varnishcache/varnish-cache
https://git.kernel.org/pub/scm/git/git.git
https://github.com/weechat/weechat
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/mapserver/mapserver
https://github.com/karelzak/util-linux
https://github.com/splitbrain/dokuwiki
https://github.com/heimdal/heimdal
https://github.com/openstack/swauth
https://github.com/shadowsocks/shadowsocks-libev
https://github.com/GNOME/evince
https://github.com/torproject/tor
https://github.com/bottlepy/bottle
https://github.com/charybdis-ircd/charybdis
https://github.com/westes/flex
https://github.com/mjg59/pupnp-code
https://github.com/collectd/collectd
https://github.com/django/django
https://git.videolan.org/git/vlc.git
https://github.com/atheme/atheme
https://github.com/jpirko/libndp
https://github.com/fragglet/lhasa
https://github.com/neovim/neovim
https://github.com/Quagga/quagga
https://github.com/rohe/pysaml2
https://github.com/mysql/mysql-server
https://github.com/varnish/Varnish-Cache
https://github.com/PHPMailer/PHPMailer
https://github.com/inverse-inc/sogo
https://github.com/Automattic/Genericons
https://github.com/jmacd/xdelta-devel
https://github.com/file/file
https://github.com/ellson/graphviz
https://github.com/axkibe/lsyncd
https://github.com/quassel/quassel
https://github.com/yarolig/didiwiki
https://github.com/jquery/jquery-ui
https://github.com/openssh/openssh-portable
#Vulnerabilities 3337
Date ID Summary Products Score Patch
2018-11-06 CVE-2018-9422 In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstream kernel. Debian_linux, Android 7.8
2018-03-01 CVE-2018-7584 In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. Ubuntu_linux, Debian_linux, Php 9.8
2018-01-16 CVE-2018-5712 An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. Ubuntu_linux, Debian_linux, Php 6.1
2018-01-16 CVE-2018-5711 gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. Ubuntu_linux, Debian_linux, Php 5.5
2018-12-11 CVE-2018-18359 Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation 8.8
2018-12-11 CVE-2018-18358 Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 5.7
2018-12-11 CVE-2018-18357 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2018-12-11 CVE-2018-18355 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2018-12-11 CVE-2018-18354 Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 8.8
2018-12-11 CVE-2018-18353 Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page. Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5