Vulnerabilities > Debian

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-16	CVE-2020-9948	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved memory handling. network apple webkit debian CWE-843	6.8
2020-10-16	CVE-2020-15157	Insufficiently Protected Credentials vulnerability in multiple products In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. network high complexity linuxfoundation canonical debian CWE-522	2.6
2020-10-15	CVE-2020-27153	Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. network low complexity bluez debian opensuse CWE-415	7.5
2020-10-14	CVE-2020-0423	Improper Locking vulnerability in multiple products In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. local low complexity google debian CWE-667	7.2
2020-10-13	CVE-2020-25645	Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.9-rc7. network low complexity linux debian netapp opensuse canonical CWE-319	5.0
2020-10-12	CVE-2020-15250	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. local low complexity junit debian apache oracle CWE-732	5.5
2020-10-12	CVE-2020-13943	If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. network low complexity apache debian oracle	4.3
2020-10-10	CVE-2020-26935	SQL Injection vulnerability in multiple products An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. network low complexity phpmyadmin opensuse fedoraproject debian CWE-89 critical	9.8
2020-10-10	CVE-2020-26934	Cross-site Scripting vulnerability in multiple products phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. network low complexity phpmyadmin opensuse fedoraproject debian CWE-79	6.1
2020-10-10	CVE-2020-26932	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group) network low complexity sympa debian CWE-732	4.3

Vulnerabilities > Debian {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Debian"}]}

Vulnerabilities > Debian