CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian » Debian Linux » 8.0 : Security Vulnerabilities Published In 2018

Cpe Name:cpe:/o:debian:debian_linux:8.0
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2018-19141 79 XSS 2018-11-11 2018-12-12
3.5
None Remote Medium Single system None Partial None
Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
102 CVE-2018-19139 772 2018-11-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
103 CVE-2018-19134 704 Exec Code 2018-12-20 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.
104 CVE-2018-19132 772 DoS 2018-11-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
105 CVE-2018-19115 119 Overflow 2018-11-08 2019-05-28
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
106 CVE-2018-19108 835 DoS Overflow 2018-11-08 2019-10-02
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
107 CVE-2018-19107 190 DoS Overflow 2018-11-08 2019-07-15
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
108 CVE-2018-19058 20 DoS 2018-11-07 2019-08-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
109 CVE-2018-18873 476 2018-10-31 2019-08-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
110 CVE-2018-18820 119 DoS Exec Code Overflow 2018-11-05 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
111 CVE-2018-18718 415 2018-10-29 2018-12-07
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.
112 CVE-2018-18710 200 +Info 2018-10-29 2019-04-03
2.1
None Local Low Not required Partial None None
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.
113 CVE-2018-18690 754 2018-10-26 2019-10-02
4.9
None Local Low Not required None None Complete
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.
114 CVE-2018-18607 476 DoS 2018-10-23 2018-12-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
115 CVE-2018-18606 476 DoS 2018-10-23 2018-12-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
116 CVE-2018-18605 125 DoS 2018-10-23 2019-10-02
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
117 CVE-2018-18585 476 2018-10-22 2019-08-06
4.3
None Remote Medium Not required None None Partial
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
118 CVE-2018-18584 787 2018-10-22 2019-08-06
4.3
None Remote Medium Not required None None Partial
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
119 CVE-2018-18557 787 2018-10-22 2019-05-09
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
120 CVE-2018-18521 369 DoS 2018-10-19 2019-06-10
4.3
None Remote Medium Not required None None Partial
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
121 CVE-2018-18520 119 DoS Overflow 2018-10-19 2019-06-10
4.3
None Remote Medium Not required None None Partial
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
122 CVE-2018-18356 190 Overflow 2018-12-11 2019-06-03
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
123 CVE-2018-18311 119 Overflow 2018-12-07 2019-07-16
7.5
None Remote Low Not required Partial Partial Partial
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
124 CVE-2018-18310 119 DoS Overflow 2018-10-14 2019-06-10
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
125 CVE-2018-18284 Bypass 2018-10-19 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
126 CVE-2018-18281 20 2018-10-30 2019-04-23
4.6
None Local Low Not required Partial Partial Partial
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.
127 CVE-2018-18245 79 XSS 2018-12-17 2019-01-04
3.5
None Remote Medium Single system None Partial None
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
128 CVE-2018-18088 476 2018-10-09 2019-08-21
4.3
None Remote Medium Not required None None Partial
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
129 CVE-2018-18073 200 Bypass +Info 2018-10-15 2018-12-18
4.3
None Remote Medium Not required Partial None None
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
130 CVE-2018-18025 125 DoS 2018-10-07 2019-06-25
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
131 CVE-2018-17972 269 2018-10-03 2019-10-02
4.9
None Local Low Not required Complete None None
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.
132 CVE-2018-17963 190 DoS 2018-10-09 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
133 CVE-2018-17962 119 Overflow 2018-10-09 2019-09-24
5.0
None Remote Low Not required None None Partial
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
134 CVE-2018-17961 209 Bypass 2018-10-15 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
135 CVE-2018-17958 190 Overflow 2018-10-09 2019-05-31
5.0
None Remote Low Not required None None Partial
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
136 CVE-2018-17581 400 DoS 2018-09-28 2019-08-06
4.3
None Remote Medium Not required None None Partial
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
137 CVE-2018-17540 119 Overflow 2018-10-03 2018-11-27
5.0
None Remote Low Not required None None Partial
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
138 CVE-2018-17466 125 2018-11-14 2019-01-24
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
139 CVE-2018-17407 119 Exec Code Overflow 2018-09-23 2018-11-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
140 CVE-2018-17281 400 2018-09-24 2019-10-02
5.0
None Remote Low Not required None None Partial
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.
141 CVE-2018-17183 20 2018-09-19 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
142 CVE-2018-17182 416 Overflow +Priv 2018-09-19 2019-01-10
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
143 CVE-2018-17141 20 Exec Code 2018-09-21 2018-11-15
7.5
None Remote Low Not required Partial Partial Partial
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
144 CVE-2018-17101 787 DoS 2018-09-16 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
145 CVE-2018-17100 190 DoS Overflow 2018-09-16 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.
146 CVE-2018-17082 79 XSS 2018-09-16 2019-08-19
4.3
None Remote Medium Not required None Partial None
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
147 CVE-2018-17000 476 2018-09-13 2019-04-05
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
148 CVE-2018-16949 400 2018-09-11 2019-01-02
5.0
None Remote Low Not required None None Partial
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values and consume server resources waiting for those inputs, denying service to other valid connections.
149 CVE-2018-16948 200 +Info 2018-09-11 2018-11-19
5.0
None Remote Low Not required Partial None None
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory.
150 CVE-2018-16947 287 2018-09-11 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, including dumping/restoring volume contents and manipulating the backup database. For example, an unauthenticated attacker can replace any volume's content with arbitrary data.
Total number of vulnerabilities : 862   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.