Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-27 | CVE-2020-11810 | Race Condition vulnerability in multiple products An issue was discovered in OpenVPN 2.4.x before 2.4.9. | 3.7 |
2020-04-27 | CVE-2019-18823 | Improper Authentication vulnerability in multiple products HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. | 9.8 |
2020-04-27 | CVE-2020-12268 | Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | 7.5 |
2020-04-24 | CVE-2020-12137 | Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. | 6.1 |
2020-04-23 | CVE-2019-20788 | Integer Overflow or Wraparound vulnerability in multiple products libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. | 7.5 |
2020-04-23 | CVE-2020-1760 | Cross-site Scripting vulnerability in multiple products A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. | 6.1 |
2020-04-23 | CVE-2020-11945 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 5.0.2. | 9.8 |
2020-04-22 | CVE-2020-1983 | Use After Free vulnerability in multiple products A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | 6.5 |
2020-04-22 | CVE-2020-12066 | Improper Input Validation vulnerability in multiple products CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. | 7.5 |
2020-04-21 | CVE-2020-11008 | Insufficiently Protected Credentials vulnerability in multiple products Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. | 7.5 |