Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-02 CVE-2019-14864 Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors.
network
low complexity
redhat debian opensuse
6.5
6.5
2020-01-02 CVE-2019-20208 Out-of-bounds Write vulnerability in multiple products
dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow.
local
low complexity
gpac debian CWE-787
5.5
5.5
2019-12-31 CVE-2019-14466 Deserialization of Untrusted Data vulnerability in multiple products
The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.
network
low complexity
gosa-project debian CWE-502
6.5
6.5
2019-12-31 CVE-2019-20171 Memory Leak vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-401
5.5
5.5
2019-12-31 CVE-2019-20170 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-763
5.5
5.5
2019-12-31 CVE-2019-20165 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-476
5.5
5.5
2019-12-31 CVE-2019-20163 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-476
5.5
5.5
2019-12-31 CVE-2019-20162 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-787
5.5
5.5
2019-12-31 CVE-2019-20161 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-787
5.5
5.5
2019-12-30 CVE-2012-5476 Information Exposure vulnerability in multiple products
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
local
low complexity
openstack debian CWE-200
5.5
5.5