Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-16 | CVE-2019-19783 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. | 6.5 |
| 2019-12-15 | CVE-2014-8650 | Improper Authentication vulnerability in multiple products python-requests-Kerberos through 0.5 does not handle mutual authentication | 7.5 |
| 2019-12-15 | CVE-2014-8561 | Infinite Loop vulnerability in multiple products imagemagick 6.8.9.6 has remote DOS via infinite loop | 4.3 |
| 2019-12-15 | CVE-2014-4913 | Cross-site Scripting vulnerability in multiple products ZF2014-03 has a potential cross site scripting vector in multiple view helpers | 4.3 |
| 2019-12-15 | CVE-2019-19797 | Out-of-bounds Write vulnerability in multiple products read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | 5.5 |
| 2019-12-13 | CVE-2014-3495 | Improper Certificate Validation vulnerability in multiple products duplicity 0.6.24 has improper verification of SSL certificates | 5.0 |
| 2019-12-13 | CVE-2014-2387 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | 4.6 |
| 2019-12-13 | CVE-2014-0175 | Use of Hard-coded Credentials vulnerability in multiple products mcollective has a default password set at install | 9.8 |
| 2019-12-12 | CVE-2019-12420 | Resource Exhaustion vulnerability in multiple products In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. | 7.5 |
| 2019-12-12 | CVE-2018-11805 | OS Command Injection vulnerability in multiple products In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. | 6.7 |