Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2019-11-25 CVE-2012-5521 Reachable Assertion vulnerability in multiple products
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
low complexity
quagga debian redhat CWE-617
3.3
2019-11-22 CVE-2015-7810 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files
3.3
2019-11-21 CVE-2014-0083 Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products
The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.
local
low complexity
net-ldap-project debian CWE-916
2.1
2019-11-19 CVE-2011-2924 Link Following vulnerability in multiple products
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.
3.3
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
2019-11-19 CVE-2011-2923 Link Following vulnerability in multiple products
foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.
3.3
2019-11-19 CVE-2012-0843 Information Exposure vulnerability in multiple products
uzbl: Information disclosure via world-readable cookies storage file
local
low complexity
uzbl debian CWE-200
2.1
2019-11-19 CVE-2012-0842 Information Exposure vulnerability in multiple products
surf: cookie jar has read access from other local user
local
low complexity
suckless debian CWE-200
2.1
2019-11-18 CVE-2019-19057 Memory Leak vulnerability in multiple products
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
3.3
2019-11-14 CVE-2011-1488 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled.
1.9