Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-12-08 | CVE-2018-19966 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595. | Debian_linux, Xen | 8.8 | ||
2018-12-10 | CVE-2018-20004 | An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml. | Debian_linux, Fedora, Mini\-Xml | 8.8 | ||
2018-12-11 | CVE-2018-17481 | Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18335 | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18336 | Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18337 | Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18338 | Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18339 | Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18340 | Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
2018-12-11 | CVE-2018-18341 | An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 |