Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2020-7065 | Out-of-bounds Write vulnerability in multiple products In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. | 6.8 |
| 2020-04-01 | CVE-2020-7064 | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. | 5.8 |
| 2020-03-27 | CVE-2020-10955 | Missing Authorization vulnerability in multiple products GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders. | 4.0 |
| 2020-03-27 | CVE-2020-1770 | Information Exposure vulnerability in multiple products Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. | 4.3 |
| 2020-03-24 | CVE-2020-10942 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | 5.4 |
| 2020-03-24 | CVE-2020-6080 | Memory Leak vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. | 5.0 |
| 2020-03-24 | CVE-2020-6079 | Memory Leak vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. | 5.0 |
| 2020-03-24 | CVE-2020-6077 | Out-of-bounds Read vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. | 5.0 |
| 2020-03-24 | CVE-2020-6073 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. | 5.0 |
| 2020-03-24 | CVE-2020-6071 | Uncontrolled Recursion vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. | 5.0 |