Vulnerabilities > Debian > Debian Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-13762 | Improper Locking vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. | 3.3 |
| 2019-12-05 | CVE-2012-1105 | Information Exposure vulnerability in multiple products An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. | 2.1 |
| 2019-12-05 | CVE-2013-0326 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products OpenStack nova base images permissions are world readable | 2.1 |
| 2019-12-03 | CVE-2019-19534 | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29. | 2.1 |
| 2019-12-03 | CVE-2019-19535 | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. | 2.1 |
| 2019-12-03 | CVE-2019-19536 | Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0. | 2.1 |
| 2019-11-29 | CVE-2014-3591 | Information Exposure vulnerability in multiple products Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. | 1.9 |
| 2019-11-28 | CVE-2019-19318 | Use After Free vulnerability in multiple products In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, | 2.1 |
| 2019-11-27 | CVE-2012-6655 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. | 2.1 |
| 2019-11-26 | CVE-2011-3632 | Link Following vulnerability in multiple products Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. | 3.6 |