Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-20 | CVE-2020-35573 | Excessive Iteration vulnerability in multiple products srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address. | 7.5 |
| 2020-12-18 | CVE-2020-35475 | Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. | 7.5 |
| 2020-12-17 | CVE-2020-35491 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. | 8.1 |
| 2020-12-17 | CVE-2020-35490 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. | 8.1 |
| 2020-12-16 | CVE-2020-29363 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in p11-kit 0.23.6 through 0.23.21. | 7.5 |
| 2020-12-16 | CVE-2020-29361 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in p11-kit 0.21.1 through 0.23.21. | 7.5 |
| 2020-12-16 | CVE-2020-26258 | Server-Side Request Forgery (SSRF) vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.7 |
| 2020-12-15 | CVE-2020-29481 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-29479 | Missing Authorization vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-29569 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. | 8.8 |