Vulnerabilities > Debian > Debian Linux > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-31 | CVE-2013-4357 | Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. | 5.0 |
| 2019-12-17 | CVE-2012-2237 | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile. | 4.3 |
| 2019-11-15 | CVE-2011-0703 | Improper Input Validation vulnerability in multiple products In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session. | 7.5 |
| 2019-11-14 | CVE-2012-1155 | Information Exposure vulnerability in multiple products Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to | 5.0 |
| 2019-11-07 | CVE-2013-1811 | Improper Input Validation vulnerability in multiple products An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | 4.0 |
| 2019-11-07 | CVE-2012-0049 | Resource Exhaustion vulnerability in multiple products OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | 4.0 |
| 2019-11-06 | CVE-2011-4900 | Information Exposure vulnerability in multiple products TYPO3 before 4.5.4 allows Information Disclosure in the backend. | 4.0 |
| 2019-11-04 | CVE-2013-4412 | NULL Pointer Dereference vulnerability in multiple products slim has NULL pointer dereference when using crypt() method from glibc 2.17 | 7.5 |
| 2018-11-12 | CVE-2018-19200 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in uriparser before 0.9.0. | 5.0 |
| 2018-01-08 | CVE-2015-2318 | Improper Certificate Validation vulnerability in multiple products The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | 6.8 |