Vulnerabilities > Debian > Debian Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-6429 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-03-23 | CVE-2020-6428 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-03-23 | CVE-2020-6427 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-03-23 | CVE-2020-6424 | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-03-23 | CVE-2020-6422 | Out-of-bounds Write vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-03-23 | CVE-2020-6420 | Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
| 2020-03-22 | CVE-2020-10802 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. | 8.0 |
| 2020-03-18 | CVE-2020-10673 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). | 8.8 |
| 2020-03-18 | CVE-2020-10672 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). | 8.8 |
| 2020-03-16 | CVE-2019-20326 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. | 7.8 |