Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2019-17016 | Cross-site Scripting vulnerability in multiple products When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. | 6.1 |
| 2020-01-08 | CVE-2020-0009 | Incorrect Default Permissions vulnerability in multiple products In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. | 5.5 |
| 2020-01-08 | CVE-2019-5188 | Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. | 6.7 |
| 2020-01-06 | CVE-2019-18179 | An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. | 4.3 |
| 2020-01-02 | CVE-2014-6275 | Information Exposure vulnerability in multiple products FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. | 5.9 |
| 2020-01-02 | CVE-2019-14864 | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. | 6.5 |
| 2020-01-02 | CVE-2019-20208 | Out-of-bounds Write vulnerability in multiple products dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. | 5.5 |
| 2019-12-31 | CVE-2019-14466 | Deserialization of Untrusted Data vulnerability in multiple products The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie. | 6.5 |
| 2019-12-31 | CVE-2019-20171 | Memory Leak vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |
| 2019-12-31 | CVE-2019-20170 | Release of Invalid Pointer or Reference vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |