Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-03 | CVE-2020-5311 | Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. | 9.8 |
2020-01-02 | CVE-2014-8182 | Off-by-one Error vulnerability in multiple products An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. | 4.3 |
2020-01-02 | CVE-2014-6275 | Information Exposure vulnerability in multiple products FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. | 4.3 |
2020-01-02 | CVE-2013-4532 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | 4.6 |
2020-01-02 | CVE-2019-14864 | Improper Output Neutralization for Logs vulnerability in multiple products Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. | 4.0 |
2020-01-02 | CVE-2019-20218 | Improper Handling of Exceptional Conditions vulnerability in multiple products selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | 7.5 |
2020-01-02 | CVE-2019-20208 | Out-of-bounds Write vulnerability in multiple products dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. | 5.5 |
2019-12-31 | CVE-2013-4357 | Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. | 5.0 |
2019-12-31 | CVE-2019-14466 | Deserialization of Untrusted Data vulnerability in multiple products The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie. | 5.5 |
2019-12-31 | CVE-2019-20171 | Memory Leak vulnerability in multiple products An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. | 4.3 |