Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names. 		5.9
5.9
2020-12-08 CVE-2020-27818 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0.
local
low complexity
libpng fedoraproject debian CWE-125
3.3
3.3
2020-12-07 CVE-2020-28935 Link Following vulnerability in multiple products
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack.
local
low complexity
nlnetlabs debian CWE-59
5.5
5.5
2020-12-07 CVE-2020-29600 Path Traversal vulnerability in multiple products
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format.
network
low complexity
awstats debian fedoraproject CWE-22
critical
 9.8
9.8
2020-12-07 CVE-2020-29599 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files.
local
low complexity
imagemagick debian CWE-91
7.8
7.8
2020-12-04 CVE-2020-27773 Divide By Zero vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/gem-private.h.
local
low complexity
imagemagick redhat debian CWE-369
3.3
3.3
2020-12-04 CVE-2020-27772 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in coders/bmp.c.
local
low complexity
imagemagick redhat debian CWE-190
3.3
3.3
2020-12-04 CVE-2020-27775 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/quantum.h.
local
low complexity
imagemagick redhat debian CWE-190
3.3
3.3
2020-12-04 CVE-2020-27774 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in ImageMagick in MagickCore/statistic.c.
local
low complexity
imagemagick redhat debian CWE-190
3.3
3.3
2020-12-04 CVE-2020-27771 Integer Overflow or Wraparound vulnerability in multiple products
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type.
local
low complexity
imagemagick redhat debian CWE-190
3.3
3.3