Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-17 | CVE-2020-14401 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 6.4 |
| 2020-06-17 | CVE-2020-14398 | Infinite Loop vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.0 |
| 2020-06-17 | CVE-2020-14397 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.0 |
| 2020-06-17 | CVE-2020-14396 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.0 |
| 2020-06-16 | CVE-2020-14195 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). | 6.8 |
| 2020-06-15 | CVE-2020-4051 | Cross-site Scripting vulnerability in multiple products In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. | 5.4 |
| 2020-06-15 | CVE-2020-14147 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. | 4.0 |
| 2020-06-15 | CVE-2020-14093 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. | 4.3 |
| 2020-06-12 | CVE-2020-4048 | Open Redirect vulnerability in multiple products In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. | 5.7 |
| 2020-06-12 | CVE-2020-4047 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in multiple products In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. | 6.8 |