Debian: >> Debian Linux Security Vulnerabilities
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVSS Score
6.5
EPSS Score
0.025
Published
2018-12-07
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVSS Score
6.5
EPSS Score
0.02
Published
2018-12-07
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS Score
8.8
EPSS Score
0.02
Published
2018-12-07
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.12
Published
2018-12-07
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
CVSS Score
9.1
EPSS Score
0.09
Published
2018-12-07
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.061
Published
2018-12-07
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
CVSS Score
7.5
EPSS Score
0.069
Published
2018-12-07
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.121
Published
2018-12-05
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
CVSS Score
9.1
EPSS Score
0.039
Published
2018-12-05
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
CVSS Score
9.6
EPSS Score
0.013
Published
2018-12-04