Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-05 | CVE-2020-27841 | Heap-based Buffer Overflow vulnerability in multiple products There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. | 5.5 |
2021-01-05 | CVE-2020-36158 | Classic Buffer Overflow vulnerability in multiple products mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | 6.7 |
2021-01-04 | CVE-2019-25013 | Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. | 5.9 |
2021-01-04 | CVE-2020-25275 | Improper Input Validation vulnerability in multiple products Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts. | 7.5 |
2021-01-04 | CVE-2020-24386 | An issue was discovered in Dovecot before 2.3.13. | 6.8 |
2021-01-04 | CVE-2020-35965 | Out-of-bounds Write vulnerability in multiple products decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | 5.0 |
2020-12-31 | CVE-2020-12658 | Improper Locking vulnerability in multiple products gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. | 9.8 |
2020-12-30 | CVE-2019-15523 | Unchecked Return Value vulnerability in multiple products An issue was discovered in LINBIT csync2 through 2.0. | 5.0 |
2020-12-30 | CVE-2020-26247 | XXE vulnerability in multiple products Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. | 4.3 |
2020-12-28 | CVE-2020-35730 | Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. | 6.1 |