Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-15 | CVE-2020-14556 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). | 4.8 |
2020-07-09 | CVE-2020-10756 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. | 6.5 |
2020-07-09 | CVE-2020-12402 | Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. | 4.4 |
2020-07-07 | CVE-2020-10730 | Use After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. | 6.5 |
2020-07-07 | CVE-2020-15566 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. | 6.5 |
2020-07-07 | CVE-2020-15564 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. | 6.5 |
2020-07-07 | CVE-2020-15563 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. | 6.5 |
2020-07-06 | CVE-2020-15569 | Use After Free vulnerability in multiple products PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. | 5.5 |
2020-07-06 | CVE-2020-15562 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. | 6.1 |
2020-07-02 | CVE-2020-8166 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. | 4.3 |