Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-17 | CVE-2020-35490 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. | 6.8 |
2020-12-16 | CVE-2020-29363 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in p11-kit 0.23.6 through 0.23.21. | 5.0 |
2020-12-16 | CVE-2020-29361 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in p11-kit 0.21.1 through 0.23.21. | 7.5 |
2020-12-16 | CVE-2020-26259 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 6.8 |
2020-12-16 | CVE-2020-26258 | Server-Side Request Forgery (SSRF) vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.7 |
2020-12-15 | CVE-2020-29486 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
2020-12-15 | CVE-2020-29485 | Memory Leak vulnerability in multiple products An issue was discovered in Xen 4.6 through 4.14.x. | 5.5 |
2020-12-15 | CVE-2020-29484 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
2020-12-15 | CVE-2020-29483 | Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |
2020-12-15 | CVE-2020-29482 | Untrusted Search Path vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |