Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2019-12-31 CVE-2019-20170 Release of Invalid Pointer or Reference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-763
5.5
5.5
2019-12-31 CVE-2019-20165 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-476
5.5
5.5
2019-12-31 CVE-2019-20163 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-476
5.5
5.5
2019-12-31 CVE-2019-20162 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-787
5.5
5.5
2019-12-31 CVE-2019-20161 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109.
local
low complexity
gpac debian CWE-787
5.5
5.5
2019-12-30 CVE-2013-2016 Improper Privilege Management vulnerability in multiple products
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. 		6.9
6.9
2019-12-30 CVE-2012-5476 Information Exposure vulnerability in multiple products
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
local
low complexity
openstack debian CWE-200
2.1
2.1
2019-12-30 CVE-2012-5474 Missing Encryption of Sensitive Data vulnerability in multiple products
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. 		2.1
2.1
2019-12-30 CVE-2019-20096 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
local
low complexity
linux debian canonical CWE-401
5.5
5.5
2019-12-27 CVE-2019-20043 Improper Privilege Management vulnerability in multiple products
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API.
network
low complexity
wordpress debian CWE-269
4.3
4.3