Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2011-1136 | Link Following vulnerability in multiple products In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. | 6.3 |
| 2019-11-14 | CVE-2011-0544 | Cross-site Scripting vulnerability in multiple products phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. | 4.3 |
| 2019-11-13 | CVE-2010-5108 | Incorrect Default Permissions vulnerability in multiple products Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. | 5.0 |
| 2019-11-13 | CVE-2010-4664 | Improper Privilege Management vulnerability in multiple products In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. | 6.5 |
| 2019-11-13 | CVE-2010-4661 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | 4.6 |
| 2019-11-13 | CVE-2010-4657 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. | 5.0 |
| 2019-11-13 | CVE-2010-4653 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. | 6.5 |
| 2019-11-13 | CVE-2010-4532 | Improper Certificate Validation vulnerability in multiple products offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. | 4.3 |
| 2019-11-13 | CVE-2012-4385 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products letodms 3.3.6 has CSRF via change password | 4.3 |
| 2019-11-13 | CVE-2012-4384 | Cross-site Scripting vulnerability in multiple products letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar | 4.3 |