Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-21 | CVE-2020-14954 | Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. | 5.9 |
2020-06-19 | CVE-2020-8167 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains. | 4.3 |
2020-06-19 | CVE-2020-8164 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | 5.0 |
2020-06-19 | CVE-2020-8162 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits. | 5.0 |
2020-06-18 | CVE-2020-3350 | Race Condition vulnerability in multiple products A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. | 6.3 |
2020-06-17 | CVE-2020-8619 | Improper Resource Shutdown or Release vulnerability in multiple products In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. | 4.9 |
2020-06-17 | CVE-2020-14405 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 4.0 |
2020-06-17 | CVE-2020-14404 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.5 |
2020-06-17 | CVE-2020-14403 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.5 |
2020-06-17 | CVE-2020-14402 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.5 |