Vulnerabilities (CVE)

Vendor filter

Debian Subscribe

Product filter

Debian Linux Subscribe

Filter

2262 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-16065 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-16 6.8
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2018-20549 2 Libcaca Project, Debian 2 Libcaca, Debian Linux 2019-01-16 6.8
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
CVE-2018-20547 2 Libcaca Project, Debian 2 Libcaca, Debian Linux 2019-01-16 4.3
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
CVE-2018-20546 2 Libcaca Project, Debian 2 Libcaca, Debian Linux 2019-01-16 4.3
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
CVE-2018-20544 2 Libcaca Project, Debian 2 Libcaca, Debian Linux 2019-01-16 4.3
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
CVE-2018-16058 2 Wireshark, Debian 2 Wireshark, Debian Linux 2019-01-16 5.0
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
CVE-2018-16057 2 Wireshark, Debian 2 Wireshark, Debian Linux 2019-01-16 5.0
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
CVE-2018-15127 1 Debian 1 Debian Linux 2019-01-16 7.5
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
CVE-2017-7658 2 Eclipse, Debian 2 Jetty, Debian Linux 2019-01-16 7.5
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length...
CVE-2018-6126 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 6.8
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2018-6151 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 6.8
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
CVE-2018-6135 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
Lack of clearing the previous site before loading alerts from a new one in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2018-6117 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2018-6120 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 6.8
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
CVE-2018-17470 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2018-6169 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.
CVE-2018-18584 5 Kyzer, Canonical, Debian and 2 more 5 Limbspack, Ubuntu Linux, Debian Linux and 2 more 2019-01-15 4.3
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
CVE-2018-16068 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 6.8
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2018-16066 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-16067 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-01-15 4.3
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.