Vulnerabilities > Debian > Debian Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-15005 | In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. | 3.1 |
| 2020-06-24 | CVE-2020-15011 | Injection vulnerability in multiple products GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. | 2.6 |
| 2020-06-18 | CVE-2019-13033 | Information Exposure vulnerability in multiple products In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. | 3.3 |
| 2020-06-12 | CVE-2020-4049 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in multiple products In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. | 2.4 |
| 2020-06-12 | CVE-2020-4050 | Authentication Bypass Using an Alternate Path or Channel vulnerability in multiple products In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. | 3.1 |
| 2020-06-02 | CVE-2020-13659 | NULL Pointer Dereference vulnerability in multiple products address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. | 2.5 |
| 2020-05-29 | CVE-2020-11040 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. | 2.7 |
| 2020-05-29 | CVE-2020-11043 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. | 2.7 |
| 2020-05-29 | CVE-2020-11085 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. | 3.5 |
| 2020-05-29 | CVE-2020-11041 | Improper Validation of Array Index vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). | 2.7 |