Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-21 | CVE-2018-19985 | The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. | Debian_linux, Linux_kernel, Active_iq_performance_analytics_services, Element_software_management_node | 4.6 | ||
| 2019-02-12 | CVE-2019-8308 | Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. | Debian_linux, Flatpak, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.2 | ||
| 2019-01-16 | CVE-2017-3142 | An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1,... | Debian_linux, Bind, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 3.7 | ||
| 2018-07-10 | CVE-2018-1129 | A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. | Ceph, Debian_linux, Leap, Ceph_storage, Ceph_storage_mon, Ceph_storage_osd, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2019-08-27 | CVE-2019-13486 | In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13485 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13484 | In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13455 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13452 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13451 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | Debian_linux, Xymon | 9.8 |