Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 8.0  Security Vulnerabilities
CVE-2018-19216
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-11-12
CVE-2018-19198
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-11-12
CVE-2018-19199
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-11-12
CVE-2018-19141
Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-11-11
CVE-2018-19143
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-11-11
CVE-2018-19139
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-11-09
CVE-2018-19132
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVSS Score
5.9
EPSS Score
0.113
Published
2018-11-09
CVE-2018-19115
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
CVSS Score
9.8
EPSS Score
0.062
Published
2018-11-08
CVE-2018-19107
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-11-08
CVE-2018-19108
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-11-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved