Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-06 | CVE-2020-8287 | HTTP Request Smuggling vulnerability in multiple products Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). | 6.5 |
| 2021-01-05 | CVE-2020-27845 | There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. | 5.5 |
| 2021-01-05 | CVE-2020-27843 | Out-of-bounds Read vulnerability in multiple products A flaw was found in OpenJPEG in versions prior to 2.4.0. | 5.5 |
| 2021-01-05 | CVE-2020-27842 | There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. | 5.5 |
| 2021-01-05 | CVE-2020-27841 | There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. | 5.5 |
| 2021-01-05 | CVE-2020-36158 | Classic Buffer Overflow vulnerability in multiple products mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | 6.7 |
| 2021-01-04 | CVE-2019-25013 | Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. | 5.9 |
| 2021-01-04 | CVE-2020-24386 | An issue was discovered in Dovecot before 2.3.13. | 6.8 |
| 2020-12-30 | CVE-2019-15523 | Unchecked Return Value vulnerability in multiple products An issue was discovered in LINBIT csync2 through 2.0. | 5.3 |
| 2020-12-30 | CVE-2020-26247 | XXE vulnerability in multiple products Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. | 4.3 |