Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2020-05-26 CVE-2020-3811 Incorrect Authorization vulnerability in multiple products
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
network
low complexity
netqmail debian canonical CWE-863
7.5
7.5
2020-05-22 CVE-2020-13398 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-787
8.3
8.3
2020-05-22 CVE-2020-13396 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-125
7.1
7.1
2020-05-22 CVE-2020-11077 In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client.
network
low complexity
puma fedoraproject debian opensuse
7.5
7.5
2020-05-22 CVE-2020-11076 In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header.
network
low complexity
puma fedoraproject debian
7.5
7.5
2020-05-21 CVE-2020-12693 Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel.
network
high complexity
schedmd fedoraproject opensuse debian
8.1
8.1
2020-05-21 CVE-2020-13113 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in libexif before 0.6.22. 		8.2
8.2
2020-05-21 CVE-2020-6474 Use After Free vulnerability in multiple products
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse fedoraproject debian CWE-416
8.8
8.8
2020-05-21 CVE-2020-6468 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian opensuse CWE-843
8.8
8.8
2020-05-21 CVE-2020-6467 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
8.8
8.8