Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-27 | CVE-2019-9232 | Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
2019-09-27 | CVE-2019-8075 | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. | 7.5 |
2019-09-26 | CVE-2019-16869 | HTTP Request Smuggling vulnerability in multiple products Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. | 7.5 |
2019-09-26 | CVE-2019-10092 | Cross-site Scripting vulnerability in multiple products In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. | 6.1 |
2019-09-26 | CVE-2019-16910 | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. | 5.3 |
2019-09-26 | CVE-2019-16738 | Missing Authorization vulnerability in multiple products In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. | 5.3 |
2019-09-25 | CVE-2017-18635 | Cross-site Scripting vulnerability in multiple products An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. | 4.3 |
2019-09-25 | CVE-2019-15941 | Incorrect Authorization vulnerability in multiple products OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. | 7.5 |
2019-09-24 | CVE-2019-5094 | Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. | 6.7 |
2019-09-24 | CVE-2019-16746 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. | 9.8 |