Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-03-09 | CVE-2019-9637 | An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php | 7.5 | ||
2018-11-29 | CVE-2018-8789 | FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | Ubuntu_linux, Debian_linux, Freerdp | 7.5 | ||
2018-11-29 | CVE-2018-8788 | FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | Ubuntu_linux, Debian_linux, Freerdp | 9.8 | ||
2018-11-29 | CVE-2018-8787 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | Ubuntu_linux, Debian_linux, Freerdp | 9.8 | ||
2018-12-26 | CVE-2018-19870 | An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. | Debian_linux, Leap, Qt | 8.8 | ||
2018-12-26 | CVE-2018-15518 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. | Debian_linux, Leap, Qt | 8.8 | ||
2015-02-27 | CVE-2015-1414 | Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory. | Debian_linux, Freebsd, Pfsense | N/A | ||
2019-01-11 | CVE-2019-6133 | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. | Ubuntu_linux, Debian_linux, Polkit, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.7 | ||
2003-07-02 | CVE-2003-0367 | znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | Debian_linux, Gzip | N/A | ||
2019-04-08 | CVE-2019-11009 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. | Debian_linux, Graphicsmagick, Leap | 8.1 |