Debian Linux Security Vulnerabilities
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-10-29
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.
CVSS Score: 5.9 | EPSS Score: 0.004 | Published: 2019-10-29
LibVNC before commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.
CVSS Score: 7.5 | EPSS Score: 0.094 | Published: 2019-10-29
gpw generates shorter passwords than required
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2019-10-29
asterisk allows calls on prohibited networks
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2019-10-29
paxtest handles temporary files insecurely
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2019-10-29
Python keyring lib before 0.10 created keyring files with world-readable permissions.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2019-10-28
CVE-2019-11043
Known exploited
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11, in certain configurations of the FPM setup, it is possible to cause the FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
CVSS Score: 8.7 | EPSS Score: 0.941 | Published: 2019-10-28
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
CVSS Score: 7.5 | EPSS Score: 0.023 | Published: 2019-10-24
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
CVSS Score: 7.5 | EPSS Score: 0.046 | Published: 2019-10-24

