Vulnerabilities > Debian > Debian Linux > 8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-30 | CVE-2020-11028 | Missing Authentication for Critical Function vulnerability in multiple products In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. | 7.5 |
| 2020-04-30 | CVE-2020-11027 | In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. | 8.1 |
| 2020-04-30 | CVE-2020-11026 | Cross-site Scripting vulnerability in multiple products In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. | 5.4 |
| 2020-04-30 | CVE-2020-11652 | Path Traversal vulnerability in multiple products An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. | 6.5 |
| 2020-04-30 | CVE-2020-11651 | An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. | 9.8 |
| 2020-04-28 | CVE-2020-10663 | Improper Input Validation vulnerability in multiple products The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. | 7.5 |
| 2020-04-28 | CVE-2020-12243 | Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | 7.5 |
| 2020-04-28 | CVE-2020-1774 | When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. | 4.9 |
| 2020-04-27 | CVE-2020-11810 | Race Condition vulnerability in multiple products An issue was discovered in OpenVPN 2.4.x before 2.4.9. | 3.7 |
| 2020-04-24 | CVE-2020-12137 | Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. | 6.1 |