Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2011-4082 | Resource Exhaustion vulnerability in multiple products A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. | 5.0 |
| 2019-11-26 | CVE-2011-3631 | Integer Overflow or Wraparound vulnerability in multiple products Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. | 6.8 |
| 2019-11-26 | CVE-2011-3630 | Out-of-bounds Write vulnerability in multiple products Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. | 6.8 |
| 2019-11-26 | CVE-2011-3617 | Incorrect Authorization vulnerability in multiple products Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. | 5.5 |
| 2019-11-26 | CVE-2011-3596 | Reachable Assertion vulnerability in multiple products Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. | 5.0 |
| 2019-11-26 | CVE-2011-3374 | Improper Verification of Cryptographic Signature vulnerability in Debian Advanced Package Tool and Debian Linux It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. | 4.3 |
| 2019-11-25 | CVE-2015-1396 | Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. | 6.4 |
| 2019-11-25 | CVE-2012-5644 | Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory | 4.9 |
| 2019-11-22 | CVE-2014-6311 | Use of Insufficiently Random Values vulnerability in multiple products generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. | 5.0 |
| 2019-11-22 | CVE-2019-18976 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. | 5.0 |