Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-01-06 | CVE-2018-5208 | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | Debian_linux, Irssi | 9.8 | ||
| 2018-01-06 | CVE-2018-5207 | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | Debian_linux, Irssi | 7.5 | ||
| 2018-01-06 | CVE-2018-5206 | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | Debian_linux, Irssi | 9.8 | ||
| 2018-01-06 | CVE-2018-5205 | When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | Ubuntu_linux, Debian_linux, Irssi | 7.5 | ||
| 2018-10-18 | CVE-2018-5187 | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird | 9.8 | ||
| 2018-06-11 | CVE-2018-5185 | Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | Ubuntu_linux, Debian_linux, Thunderbird, Thunderbird_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.5 | ||
| 2018-06-11 | CVE-2018-5184 | Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | Ubuntu_linux, Debian_linux, Thunderbird, Thunderbird_esr, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 7.5 | ||
| 2018-06-11 | CVE-2018-5183 | Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. | Ubuntu_linux, Debian_linux, Firefox_esr, Thunderbird, Thunderbird_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2018-06-11 | CVE-2018-5178 | A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. | Ubuntu_linux, Debian_linux, Firefox_esr, Thunderbird, Thunderbird_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.1 | ||
| 2018-06-11 | CVE-2018-5170 | It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | Ubuntu_linux, Debian_linux, Thunderbird, Thunderbird_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 4.3 |