Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-22 | CVE-2019-10206 | Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. | 6.5 |
2019-11-21 | CVE-2019-19221 | Out-of-bounds Read vulnerability in multiple products In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. | 5.5 |
2019-11-21 | CVE-2014-5255 | Race Condition vulnerability in multiple products xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files. | 4.4 |
2019-11-21 | CVE-2019-19204 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. | 7.5 |
2019-11-21 | CVE-2019-18890 | SQL Injection vulnerability in multiple products A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. | 4.0 |
2019-11-21 | CVE-2019-5087 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. | 6.8 |
2019-11-21 | CVE-2019-5086 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. | 6.8 |
2019-11-21 | CVE-2014-1936 | Improper Input Validation vulnerability in multiple products rc before 1.7.1-5 insecurely creates temporary files. | 5.0 |
2019-11-21 | CVE-2014-1935 | Improper Input Validation vulnerability in multiple products 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | 5.0 |
2019-11-21 | CVE-2014-0083 | Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. | 2.1 |