Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-02 | CVE-2020-25656 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 4.1 |
| 2020-12-01 | CVE-2020-15257 | Incorrect Resource Transfer Between Spheres vulnerability in multiple products containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. | 5.2 |
| 2020-11-30 | CVE-2020-29394 | Out-of-bounds Write vulnerability in multiple products A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument). | 7.8 |
| 2020-11-30 | CVE-2020-28926 | Classic Buffer Overflow vulnerability in multiple products ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. | 7.5 |
| 2020-11-30 | CVE-2020-25624 | Out-of-bounds Read vulnerability in multiple products hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. | 4.4 |
| 2020-11-28 | CVE-2020-29374 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. | 3.6 |
| 2020-11-28 | CVE-2020-27218 | In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. | 4.8 |
| 2020-11-27 | CVE-2020-27746 | Race Condition vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. | 4.3 |
| 2020-11-27 | CVE-2020-25708 | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
| 2020-11-27 | CVE-2020-27745 | Classic Buffer Overflow vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | 6.8 |