Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-21 | CVE-2014-1935 | Improper Input Validation vulnerability in multiple products 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | 5.0 |
2019-11-21 | CVE-2012-3543 | Improper Input Validation vulnerability in multiple products mono 2.10.x ASP.NET Web Form Hash collision DoS | 5.0 |
2019-11-21 | CVE-2012-2350 | Improper Input Validation vulnerability in multiple products pam_shield before 0.9.4: Default configuration does not perform protective action | 5.0 |
2019-11-21 | CVE-2019-19039 | Information Exposure Through Log Files vulnerability in multiple products __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. | 5.5 |
2019-11-20 | CVE-2015-3167 | Information Exposure vulnerability in multiple products contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. | 5.0 |
2019-11-20 | CVE-2013-1817 | Information Exposure vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | 5.0 |
2019-11-20 | CVE-2013-1816 | Improper Input Validation vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | 5.0 |
2019-11-20 | CVE-2015-1606 | Use After Free vulnerability in multiple products The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. | 5.5 |
2019-11-20 | CVE-2011-0529 | Improper Input Validation vulnerability in multiple products Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. | 5.0 |
2019-11-20 | CVE-2012-6136 | Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 4.9 |