Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2020-05-07 CVE-2020-11044 Double Free vulnerability in multiple products
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed.
network
high complexity
freerdp canonical debian CWE-415
2.2
2020-05-07 CVE-2020-11045 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer.
network
high complexity
freerdp debian canonical CWE-125
3.3
2020-05-07 CVE-2020-11046 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2020-04-27 CVE-2020-9488 Improper Certificate Validation vulnerability in multiple products
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.
network
high complexity
apache oracle debian qos CWE-295
3.7
2020-04-27 CVE-2020-11810 Race Condition vulnerability in multiple products
An issue was discovered in OpenVPN 2.4.x before 2.4.9.
network
high complexity
openvpn debian fedoraproject CWE-362
3.7
2020-04-15 CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). 3.7
2020-04-15 CVE-2020-2755 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). 3.7
2020-04-15 CVE-2020-2756 Improper Handling of Exceptional Conditions vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
3.7
2020-04-15 CVE-2020-2757 Improper Handling of Exceptional Conditions vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
3.7
2020-04-15 CVE-2020-2773 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). 3.7