Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-29 | CVE-2019-11500 | In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution. | Debian_linux, Dovecot, Pigeonhole, Fedora | 9.8 | ||
| 2019-08-29 | CVE-2019-15807 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | Debian_linux, Linux_kernel, Enterprise_linux | 4.7 | ||
| 2019-09-03 | CVE-2019-10197 | A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. | Ubuntu_linux, Debian_linux, Samba | 9.1 | ||
| 2019-09-03 | CVE-2019-14811 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. | Ghostscript, Debian_linux, Fedora, Leap, Openshift_container_platform | 7.8 | ||
| 2019-09-03 | CVE-2019-14817 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. | Ghostscript, Debian_linux, Fedora, Leap, Openshift_container_platform | 7.8 | ||
| 2019-09-03 | CVE-2019-15892 | An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack. | Debian_linux, Varnish_cache, Varnish_cache | 7.5 | ||
| 2019-09-04 | CVE-2019-15926 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | Ubuntu_linux, Debian_linux, Linux_kernel | 9.1 | ||
| 2019-09-05 | CVE-2019-15945 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | Debian_linux, Fedora, Opensc | 6.4 | ||
| 2019-09-05 | CVE-2019-15946 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | Debian_linux, Fedora, Opensc | 6.4 | ||
| 2019-09-06 | CVE-2019-15846 | Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | Debian_linux, Exim | 9.8 |