Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2020-12-03 CVE-2020-27759 Integer Overflow or Wraparound vulnerability in multiple products
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-03 CVE-2020-27761 Integer Overflow or Wraparound vulnerability in multiple products
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-03 CVE-2020-27763 Divide By Zero vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/resize.c.
local
low complexity
imagemagick debian CWE-369
3.3
2020-12-03 CVE-2020-27764 Integer Overflow or Wraparound vulnerability in multiple products
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick.
local
low complexity
imagemagick debian CWE-190
3.3
2020-12-02 CVE-2020-25723 A reachable assertion issue was found in the USB EHCI emulation code of QEMU.
local
low complexity
qemu debian
3.2
2020-11-28 CVE-2020-29374 Incorrect Authorization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c.
local
high complexity
linux debian netapp CWE-863
3.6
2020-11-27 CVE-2020-27746 Race Condition vulnerability in multiple products
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
network
high complexity
schedmd debian CWE-362
3.7
2020-10-22 CVE-2020-27560 Divide By Zero vulnerability in multiple products
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
local
low complexity
imagemagick debian opensuse CWE-369
3.3
2020-09-25 CVE-2020-25084 Use After Free vulnerability in multiple products
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
local
low complexity
qemu debian CWE-416
3.2
2020-09-09 CVE-2020-7068 Use After Free vulnerability in multiple products
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
local
high complexity
php debian tenable CWE-416
3.6