VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Debian
>
Debian Linux
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-10-21
CVE-2020-14792
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot).
network
oracle
debian
netapp
mcafee
opensuse
5.8
5.8
2020-10-21
CVE-2020-14782
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
oracle
debian
netapp
mcafee
opensuse
4.3
4.3
2020-10-21
CVE-2020-14781
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI).
network
oracle
netapp
debian
opensuse
4.3
4.3
2020-10-21
CVE-2020-14765
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS).
network
low complexity
oracle
netapp
debian
fedoraproject
mariadb
6.5
6.5
2020-10-16
CVE-2020-9951
Use After Free vulnerability in multiple products
A use after free issue was addressed with improved memory management.
network
apple
webkit
debian
CWE-416
6.8
6.8
2020-10-16
CVE-2020-9948
Type Confusion vulnerability in multiple products
A type confusion issue was addressed with improved memory handling.
network
apple
webkit
debian
CWE-843
6.8
6.8
2020-10-13
CVE-2020-25645
Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux
debian
netapp
opensuse
canonical
CWE-319
5.0
5.0
2020-10-12
CVE-2020-15250
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability.
local
low complexity
junit
debian
apache
oracle
CWE-732
5.5
5.5
2020-10-12
CVE-2020-13943
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers.
network
low complexity
apache
debian
oracle
4.3
4.3
2020-10-10
CVE-2020-26934
Cross-site Scripting vulnerability in multiple products
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.
network
low complexity
phpmyadmin
opensuse
fedoraproject
debian
CWE-79
6.1
6.1
«
Previous
1
2
...
115
116
117
(current)
118
119
...
418
419
»
Next