Vulnerabilities > Debian > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-27 | CVE-2019-18823 | Improper Authentication vulnerability in multiple products HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. | 9.8 |
| 2020-04-27 | CVE-2020-12268 | Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | 9.8 |
| 2020-04-23 | CVE-2019-20788 | Integer Overflow or Wraparound vulnerability in multiple products libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. | 9.8 |
| 2020-04-23 | CVE-2020-11945 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 5.0.2. | 9.8 |
| 2020-04-15 | CVE-2019-12519 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. | 9.8 |
| 2020-04-15 | CVE-2019-12524 | Missing Authentication for Critical Function vulnerability in multiple products An issue was discovered in Squid through 4.7. | 9.8 |
| 2020-04-15 | CVE-2020-11729 | Session Fixation vulnerability in multiple products An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. | 9.8 |
| 2020-03-31 | CVE-2020-10595 | Classic Buffer Overflow vulnerability in multiple products pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. | 9.8 |
| 2020-03-25 | CVE-2020-1957 | Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 9.8 |
| 2020-03-24 | CVE-2020-6072 | Double Free vulnerability in multiple products An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. | 9.8 |