Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  Security Vulnerabilities
CVE-2019-12068
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.
CVSS Score
3.8
EPSS Score
0.005
Published
2019-09-24
CVE-2019-16746
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
CVSS Score
9.8
EPSS Score
0.127
Published
2019-09-24
CVE-2019-16728
DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari.
CVSS Score
6.1
EPSS Score
0.017
Published
2019-09-24
CVE-2019-16729
pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-09-24
CVE-2019-16708
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVSS Score
6.5
EPSS Score
0.025
Published
2019-09-23
CVE-2019-16710
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
CVSS Score
6.5
EPSS Score
0.025
Published
2019-09-23
CVE-2019-16711
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
CVSS Score
6.5
EPSS Score
0.025
Published
2019-09-23
CVE-2019-16713
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
CVSS Score
6.5
EPSS Score
0.025
Published
2019-09-23
CVE-2019-16680
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
CVSS Score
4.3
EPSS Score
0.021
Published
2019-09-21
CVE-2019-14814
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVSS Score
5.5
EPSS Score
0.009
Published
2019-09-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved