Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-17 | CVE-2020-35490 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. | 6.8 |
| 2020-12-16 | CVE-2020-29363 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in p11-kit 0.23.6 through 0.23.21. | 5.0 |
| 2020-12-16 | CVE-2020-26259 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 6.8 |
| 2020-12-15 | CVE-2020-29486 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29485 | Memory Leak vulnerability in multiple products An issue was discovered in Xen 4.6 through 4.14.x. | 5.5 |
| 2020-12-15 | CVE-2020-29484 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29483 | Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |
| 2020-12-15 | CVE-2020-29482 | Untrusted Search Path vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-12-15 | CVE-2020-29571 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.2 |
| 2020-12-15 | CVE-2020-29570 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.2 |