Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2020-07-15 CVE-2020-14578 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 3.7
2020-07-15 CVE-2020-14579 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 3.7
2020-07-15 CVE-2020-14581 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). 3.7
2020-07-02 CVE-2020-15469 NULL Pointer Dereference vulnerability in multiple products
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
local
low complexity
qemu debian CWE-476
2.3
2020-06-24 CVE-2020-15005 In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them.
network
high complexity
mediawiki fedoraproject debian
3.1
2020-06-18 CVE-2019-13033 Information Exposure vulnerability in multiple products
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed.
local
low complexity
cisofy debian fedoraproject CWE-200
3.3
2020-06-12 CVE-2020-4049 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in multiple products
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page.
network
low complexity
wordpress fedoraproject debian CWE-80
2.4
2020-06-12 CVE-2020-4050 Authentication Bypass Using an Alternate Path or Channel vulnerability in multiple products
In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved.
network
high complexity
wordpress fedoraproject debian CWE-288
3.1
2020-06-02 CVE-2020-13659 NULL Pointer Dereference vulnerability in multiple products
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
local
high complexity
qemu debian opensuse canonical CWE-476
2.5
2020-05-29 CVE-2020-11040 Out-of-bounds Read vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color.
network
low complexity
freerdp opensuse debian CWE-125
2.7