Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2020-02-27 CVE-2020-9430 Improper Input Validation vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash.
network
low complexity
wireshark fedoraproject opensuse debian CWE-20
7.5
7.5
2020-02-27 CVE-2020-9428 Out-of-bounds Read vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash.
network
low complexity
wireshark debian fedoraproject opensuse CWE-125
7.5
7.5
2020-02-27 CVE-2020-6418 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-843
8.8
8.8
2020-02-27 CVE-2020-6386 Use After Free vulnerability in multiple products
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8
8.8
2020-02-27 CVE-2020-6384 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8
8.8
2020-02-27 CVE-2020-6383 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-843
8.8
8.8
2020-02-27 CVE-2020-7063 Improper Preservation of Permissions vulnerability in multiple products
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions.
network
low complexity
php tenable debian opensuse CWE-281
5.0
5.0
2020-02-27 CVE-2020-7062 NULL Pointer Dereference vulnerability in multiple products
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. 		4.3
4.3
2020-02-26 CVE-2020-9274 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in Pure-FTPd 1.0.49.
network
low complexity
pureftpd debian fedoraproject canonical CWE-824
7.5
7.5
2020-02-25 CVE-2020-8794 Out-of-bounds Read vulnerability in multiple products
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies.
network
low complexity
opensmtpd canonical fedoraproject debian CWE-125
critical
 9.8
9.8