Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-14332 | Improper Output Neutralization for Logs vulnerability in multiple products A flaw was found in the Ansible Engine when using module_args. | 5.5 |
| 2020-09-11 | CVE-2020-14330 | Information Exposure Through Log Files vulnerability in multiple products An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. | 5.5 |
| 2020-09-11 | CVE-2020-15169 | Cross-site Scripting vulnerability in multiple products In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. | 6.1 |
| 2020-09-11 | CVE-2020-25269 | Use After Free vulnerability in multiple products An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. | 6.5 |
| 2020-09-11 | CVE-2019-20917 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. | 6.5 |
| 2020-09-10 | CVE-2020-13920 | Missing Authentication for Critical Function vulnerability in multiple products Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. | 5.9 |
| 2020-09-10 | CVE-2020-6097 | Reachable Assertion vulnerability in multiple products An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. | 5.0 |
| 2020-09-09 | CVE-2020-25212 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. | 4.4 |
| 2020-09-09 | CVE-2020-25211 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | 6.0 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | 6.5 |