Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-07 | CVE-2013-1809 | Link Following vulnerability in multiple products Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | 6.4 |
2019-11-07 | CVE-2013-1429 | Link Following vulnerability in multiple products Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | 6.3 |
2019-11-07 | CVE-2007-5743 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. | 4.3 |
2019-11-07 | CVE-2013-1425 | Incorrect Default Permissions vulnerability in multiple products ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | 5.5 |
2019-11-07 | CVE-2010-2450 | Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. | 5.0 |
2019-11-07 | CVE-2012-0051 | Improper Input Validation vulnerability in multiple products Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | 5.8 |
2019-11-07 | CVE-2012-0049 | Resource Exhaustion vulnerability in multiple products OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | 4.0 |
2019-11-07 | CVE-2019-18809 | Memory Leak vulnerability in multiple products A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. | 4.6 |
2019-11-06 | CVE-2009-5046 | Cross-site Scripting vulnerability in multiple products JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22. | 4.3 |
2019-11-06 | CVE-2009-5045 | Information Exposure vulnerability in multiple products Dump Servlet information leak in jetty before 6.1.22. | 5.0 |