Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-19 | CVE-2019-11338 | libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. | Ubuntu_linux, Debian_linux, Ffmpeg, Suse_package_hub_for_suse_linux_enterprise | 8.8 | ||
| 2020-01-02 | CVE-2019-20218 | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | Ubuntu_linux, Debian_linux, Mysql_workbench, Sqlite | 7.5 | ||
| 2018-01-19 | CVE-2018-5786 | In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. | Debian_linux, Long_range_zip | 5.5 | ||
| 2018-02-28 | CVE-2018-7557 | The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. | Debian_linux, Ffmpeg | 6.5 | ||
| 2018-07-03 | CVE-2018-13096 | An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 5.5 | ||
| 2018-07-03 | CVE-2018-13099 | An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 5.5 | ||
| 2018-08-23 | CVE-2018-15822 | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | Ubuntu_linux, Debian_linux, Ffmpeg | 7.5 | ||
| 2019-03-12 | CVE-2019-9718 | In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | Ubuntu_linux, Debian_linux, Ffmpeg | 6.5 | ||
| 2019-09-11 | CVE-2019-16223 | WordPress before 5.2.3 allows XSS in post previews by authenticated users. | Debian_linux, Wordpress | 5.4 | ||
| 2017-01-27 | CVE-2017-3313 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible... | Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 4.7 |