Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-10 | CVE-2020-29668 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun. | 3.7 |
2020-12-10 | CVE-2020-27351 | Missing Release of Resource after Effective Lifetime vulnerability in Debian Advanced Package Tool Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. | 2.1 |
2020-12-10 | CVE-2020-27350 | Integer Overflow or Wraparound vulnerability in multiple products APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. | 5.7 |
2020-12-09 | CVE-2020-16589 | Out-of-bounds Write vulnerability in multiple products A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-16588 | NULL Pointer Dereference vulnerability in multiple products A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-16587 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-29661 | Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 7.8 |
2020-12-09 | CVE-2020-29660 | Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 4.4 |
2020-12-08 | CVE-2020-27918 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-27821 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. | 6.0 |