CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1000020 400 2019-02-04 2019-04-12
4.3
None Remote Medium Not required None None Partial
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.
2 CVE-2019-1000019 125 DoS 2019-02-04 2019-04-12
4.3
None Remote Medium Not required None None Partial
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
3 CVE-2019-1000018 77 Exec Code 2019-02-04 2019-04-11
4.6
None Local Low Not required Partial Partial Partial
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission.
4 CVE-2019-17362 125 DoS 2019-10-08 2019-10-15
6.4
None Remote Low Not required Partial None Partial
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
5 CVE-2019-16943 20 2019-10-01 2019-10-11
7.5
None Remote Low Not required Partial Partial Partial
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.
6 CVE-2019-16942 20 2019-10-01 2019-10-08
7.5
None Remote Low Not required Partial Partial Partial
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.
7 CVE-2019-16928 120 Exec Code Overflow 2019-09-27 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
8 CVE-2019-15941 863 Bypass 2019-09-25 2019-10-01
7.5
None Remote Low Not required Partial Partial Partial
OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the target RP, and no filtering on redirection URIs.
9 CVE-2019-15902 200 +Info 2019-09-04 2019-10-10
4.7
None Local Medium Not required Complete None None
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
10 CVE-2019-15892 20 DoS 2019-09-03 2019-09-25
7.8
None Remote Low Not required None None Complete
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
11 CVE-2019-15846 119 Exec Code Overflow 2019-09-06 2019-09-06
10.0
None Remote Low Not required Complete Complete Complete
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
12 CVE-2019-15296 119 Overflow 2019-08-21 2019-09-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left).
13 CVE-2019-15239 416 2019-08-20 2019-09-24
7.2
None Local Low Not required Complete Complete Complete
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.
14 CVE-2019-14970 119 Overflow 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
15 CVE-2019-14809 20 Bypass 2019-08-13 2019-08-24
7.5
None Remote Low Not required Partial Partial Partial
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.
16 CVE-2019-14778 416 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
17 CVE-2019-14777 416 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
18 CVE-2019-14776 125 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
19 CVE-2019-14744 77 Exec Code 2019-08-07 2019-08-15
5.1
None Remote High Not required Partial Partial Partial
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
20 CVE-2019-14535 369 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
21 CVE-2019-14534 476 DoS 2019-08-29 2019-09-06
4.3
None Remote Medium Not required None None Partial
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
22 CVE-2019-14533 416 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
23 CVE-2019-14498 369 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
24 CVE-2019-14439 200 +Info 2019-07-30 2019-09-05
5.0
None Remote Low Not required Partial None None
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
25 CVE-2019-14438 125 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
26 CVE-2019-14437 416 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
27 CVE-2019-14379 20 Exec Code 2019-07-29 2019-10-06
7.5
None Remote Low Not required Partial Partial Partial
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
28 CVE-2019-14234 89 Sql 2019-08-09 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.
29 CVE-2019-13917 19 Exec Code 2019-07-25 2019-09-06
10.0
None Remote Low Not required Complete Complete Complete
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
30 CVE-2019-13638 78 2019-07-26 2019-08-16
9.3
None Remote Medium Not required Complete Complete Complete
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
31 CVE-2019-13574 20 Exec Code 2019-07-11 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.
32 CVE-2019-13565 287 2019-07-26 2019-09-23
5.0
None Remote Low Not required Partial None None
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.
33 CVE-2019-13486 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of   expansion in svcstatus.c.
34 CVE-2019-13485 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
35 CVE-2019-13484 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of   expansion in appfeed.c.
36 CVE-2019-13458 255 2019-08-21 2019-10-09
4.0
None Remote Low Single system Partial None None
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.
37 CVE-2019-13455 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of   expansion in acknowledge.c.
38 CVE-2019-13452 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
39 CVE-2019-13451 119 Overflow 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
40 CVE-2019-13345 79 XSS 2019-07-05 2019-07-15
4.3
None Remote Medium Not required None Partial None
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
41 CVE-2019-13274 79 XSS 2019-08-27 2019-08-28
4.3
None Remote Medium Not required None Partial None
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
42 CVE-2019-13273 119 Overflow 2019-08-27 2019-09-04
7.5
None Remote Low Not required Partial Partial Partial
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
43 CVE-2019-13272 264 2019-07-17 2019-07-25
7.2
None Local Low Not required Complete Complete Complete
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
44 CVE-2019-13232 400 DoS 2019-07-04 2019-07-28
5.0
None Remote Low Not required None None Partial
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
45 CVE-2019-13132 119 Overflow 2019-07-10 2019-07-18
7.5
None Remote Low Not required Partial Partial Partial
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.
46 CVE-2019-13031 611 2019-06-28 2019-08-26
6.8
None Remote Medium Not required Partial Partial Partial
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.
47 CVE-2019-12854 119 DoS Overflow 2019-08-15 2019-08-28
5.0
None Remote Low Not required None None Partial
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
48 CVE-2019-12814 200 +Info 2019-06-19 2019-09-05
4.3
None Remote Medium Not required Partial None None
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.
49 CVE-2019-12781 20 2019-07-01 2019-07-12
5.0
None Remote Low Not required Partial None None
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.
50 CVE-2019-12746 200 +Info 2019-08-21 2019-08-29
4.3
None Remote Medium Not required Partial None None
An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.
Total number of vulnerabilities : 360   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.