Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-20 CVE-2012-6094 Incorrect Authorization vulnerability in multiple products
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
network
low complexity
apple debian CWE-863
critical
 9.8
9.8
2019-12-15 CVE-2014-8650 Improper Authentication vulnerability in multiple products
python-requests-Kerberos through 0.5 does not handle mutual authentication
network
low complexity
requests-kerberos-project debian CWE-287
critical
 9.8
9.8
2019-12-13 CVE-2014-0175 Use of Hard-coded Credentials vulnerability in multiple products
mcollective has a default password set at install
network
low complexity
puppet redhat debian CWE-798
critical
 9.8
9.8
2019-12-12 CVE-2019-18345 Cross-site Scripting vulnerability in multiple products
A reflected XSS issue was discovered in DAViCal through 1.1.8.
network
low complexity
davical debian CWE-79
critical
 9.3
9.3
2019-12-11 CVE-2019-19725 Double Free vulnerability in multiple products
sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.
network
low complexity
sysstat-project debian canonical CWE-415
critical
 9.8
9.8
2019-12-10 CVE-2012-1577 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
network
low complexity
openbsd dietlibc-project debian CWE-335
critical
 9.8
9.8
2019-12-10 CVE-2013-2167 Insufficient Verification of Data Authenticity vulnerability in multiple products
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
network
low complexity
openstack redhat debian CWE-345
critical
 9.8
9.8
2019-12-10 CVE-2013-2166 Inadequate Encryption Strength vulnerability in multiple products
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
network
low complexity
openstack redhat fedoraproject debian CWE-326
critical
 9.8
9.8
2019-12-06 CVE-2019-19617 phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
network
low complexity
phpmyadmin debian
critical
 9.8
9.8
2019-12-04 CVE-2013-2745 SQL Injection vulnerability in multiple products
An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0
network
low complexity
minidlna-project debian CWE-89
critical
 9.8
9.8