CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian » Debian Linux » 8.0 : Security Vulnerabilities Published In 2018 (CVSS score >= 6)

Cpe Name:cpe:/o:debian:debian_linux:8.0
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000878 416 2018-12-20 2019-04-12
6.8
None Remote Medium Not required Partial Partial Partial
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
2 CVE-2018-1000877 415 2018-12-20 2019-04-12
6.8
None Remote Medium Not required Partial Partial Partial
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
3 CVE-2018-1000805 732 2018-10-08 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
4 CVE-2018-1000802 78 DoS 2018-09-18 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.
5 CVE-2018-1000637 119 DoS Exec Code Overflow 2018-08-20 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. This attack appear to be exploitable via the victim openning a crafted compressed file. This vulnerability appears to have been fixed in 1.8-pre2.
6 CVE-2018-1000632 91 2018-08-20 2019-06-10
6.4
None Remote Low Not required None Partial Partial
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.
7 CVE-2018-1000550 22 Dir. Trav. 2018-06-26 2018-09-06
7.5
None Remote Low Not required Partial Partial Partial
The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32.
8 CVE-2018-1000544 434 Dir. Trav. 2018-06-26 2018-11-06
7.5
None Remote Low Not required Partial Partial Partial
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..
9 CVE-2018-1000517 119 Overflow 2018-06-26 2019-04-03
7.5
None Remote Low Not required Partial Partial Partial
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
10 CVE-2018-1000301 125 DoS 2018-05-24 2019-10-02
6.4
None Remote Low Not required Partial None Partial
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
11 CVE-2018-1000222 415 Exec Code 2018-08-20 2019-03-28
6.8
None Remote Medium Not required Partial Partial Partial
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
12 CVE-2018-1000204 2018-06-26 2019-10-02
6.3
None Remote Medium Single system Complete None None
** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it "virtually impossible to exploit."
13 CVE-2018-1000178 119 Exec Code Overflow 2018-05-08 2018-10-21
7.5
None Remote Low Not required Partial Partial Partial
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
14 CVE-2018-1000140 119 Exec Code Overflow 2018-03-23 2019-05-01
7.5
None Remote Low Not required Partial Partial Partial
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
15 CVE-2018-1000132 732 2018-03-14 2019-10-02
6.4
None Remote Low Not required Partial Partial None
Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.
16 CVE-2018-1000122 125 DoS +Info 2018-03-14 2019-10-02
6.4
None Remote Low Not required Partial None Partial
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
17 CVE-2018-1000120 787 DoS Overflow 2018-03-14 2019-06-18
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
18 CVE-2018-1000097 119 Exec Code Overflow 2018-03-12 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file..
19 CVE-2018-1000026 20 2018-02-09 2019-05-10
6.8
None Remote Low Single system None None Complete
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
20 CVE-2018-1000005 125 2018-01-24 2019-06-18
6.4
None Remote Low Not required Partial None Partial
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
21 CVE-2018-20549 190 2018-12-28 2019-04-04
6.8
None Remote Medium Not required Partial Partial Partial
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
22 CVE-2018-20433 611 2018-12-24 2019-05-29
7.5
None Remote Low Not required Partial Partial Partial
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.
23 CVE-2018-20346 190 Exec Code Overflow 2018-12-21 2019-06-19
6.8
None Remote Medium Not required Partial Partial Partial
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
24 CVE-2018-20169 400 2018-12-17 2019-08-13
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
25 CVE-2018-20021 835 2018-12-19 2019-10-02
7.8
None Remote Low Not required None None Complete
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM
26 CVE-2018-20020 787 Exec Code 2018-12-19 2019-08-09
7.5
None Remote Low Not required Partial Partial Partial
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
27 CVE-2018-20019 787 Exec Code 2018-12-19 2019-08-09
7.5
None Remote Low Not required Partial Partial Partial
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
28 CVE-2018-20004 119 Overflow 2018-12-10 2019-04-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml.
29 CVE-2018-19873 119 Overflow 2018-12-26 2019-06-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
30 CVE-2018-19870 476 2018-12-26 2019-06-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
31 CVE-2018-19788 20 Exec Code 2018-12-03 2019-08-06
9.0
None Remote Low Single system Complete Complete Complete
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
32 CVE-2018-19543 125 2018-11-25 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
33 CVE-2018-19541 125 2018-11-25 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.
34 CVE-2018-19540 119 Overflow 2018-11-25 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
35 CVE-2018-19492 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
36 CVE-2018-19491 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.
37 CVE-2018-19490 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.
38 CVE-2018-19477 704 Bypass 2018-11-23 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
39 CVE-2018-19476 704 Bypass 2018-11-23 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
40 CVE-2018-19475 Bypass 2018-11-23 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
41 CVE-2018-19409 2018-11-21 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
42 CVE-2018-19296 502 2018-11-16 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
43 CVE-2018-19274 502 Exec Code 2018-11-17 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
44 CVE-2018-19216 416 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
45 CVE-2018-19199 190 Overflow 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
46 CVE-2018-19198 787 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
47 CVE-2018-19134 704 Exec Code 2018-12-20 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.
48 CVE-2018-19115 119 Overflow 2018-11-08 2019-05-28
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
49 CVE-2018-18873 476 2018-10-31 2019-08-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
50 CVE-2018-18820 119 DoS Exec Code Overflow 2018-11-05 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
Total number of vulnerabilities : 375   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.