Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-24 | CVE-2020-6072 | Double Free vulnerability in multiple products An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. | 7.5 |
2020-03-24 | CVE-2020-6071 | Uncontrolled Recursion vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. | 5.0 |
2020-03-24 | CVE-2020-10941 | Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | 5.9 |
2020-03-24 | CVE-2020-10938 | Integer Overflow or Wraparound vulnerability in multiple products GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | 7.5 |
2020-03-24 | CVE-2020-9359 | KDE Okular before 1.10.0 allows code execution via an action link in a PDF document. | 5.3 |
2020-03-24 | CVE-2020-10684 | Missing Authorization vulnerability in multiple products A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. | 7.1 |
2020-03-23 | CVE-2020-1944 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. | 9.8 |
2020-03-23 | CVE-2019-17565 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. | 9.8 |
2020-03-23 | CVE-2019-17559 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. | 9.8 |
2020-03-23 | CVE-2020-8866 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. | 6.5 |