Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-29 | CVE-2018-19628 | In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. | Debian_linux, Wireshark | 7.5 | ||
| 2018-11-29 | CVE-2018-8786 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | Ubuntu_linux, Debian_linux, Fedora, Freerdp, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2018-11-29 | CVE-2018-19497 | In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c). | Debian_linux, Fedora, The_sleuth_kit | 6.5 | ||
| 2018-12-04 | CVE-2018-19841 | The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. | Ubuntu_linux, Debian_linux, Fedora, Leap, Wavpack | 5.5 | ||
| 2018-12-04 | CVE-2018-6085 | Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6086 | A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6087 | A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6088 | An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6089 | A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 6.5 | ||
| 2018-12-04 | CVE-2018-6090 | An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 |