Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-31 | CVE-2019-20165 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |
| 2019-12-31 | CVE-2019-20163 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |
| 2019-12-31 | CVE-2019-20162 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |
| 2019-12-31 | CVE-2019-20161 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 5.5 |
| 2019-12-30 | CVE-2012-5476 | Information Exposure vulnerability in multiple products Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. | 5.5 |
| 2019-12-30 | CVE-2012-5474 | Missing Encryption of Sensitive Data vulnerability in multiple products The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. | 5.5 |
| 2019-12-30 | CVE-2019-20096 | Memory Leak vulnerability in multiple products In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. | 5.5 |
| 2019-12-27 | CVE-2019-20043 | Improper Privilege Management vulnerability in multiple products In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. | 4.3 |
| 2019-12-27 | CVE-2019-20042 | Cross-site Scripting vulnerability in multiple products In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. | 6.1 |
| 2019-12-26 | CVE-2012-2736 | Missing Authentication for Critical Function vulnerability in multiple products In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | 4.4 |