Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-15 | CVE-2020-2583 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 4.3 |
2020-01-15 | CVE-2015-5230 | Improper Input Validation vulnerability in multiple products The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets. | 5.0 |
2020-01-14 | CVE-2014-7844 | Injection vulnerability in multiple products BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. | 7.8 |
2020-01-13 | CVE-2020-5390 | Improper Verification of Cryptographic Signature vulnerability in multiple products PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). | 7.5 |
2020-01-13 | CVE-2019-19728 | Improper Privilege Management vulnerability in multiple products SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. | 6.0 |
2020-01-13 | CVE-2020-6851 | Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | 7.5 |
2020-01-10 | CVE-2020-6377 | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-01-10 | CVE-2019-13767 | Use After Free vulnerability in multiple products Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-01-10 | CVE-2020-1767 | Agent A is able to save a draft (i.e. | 4.3 |
2020-01-10 | CVE-2020-1766 | Cross-site Scripting vulnerability in multiple products Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. | 6.1 |