Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-15 | CVE-2020-29479 | Missing Authorization vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
2020-12-15 | CVE-2020-29569 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. | 8.8 |
2020-12-14 | CVE-2020-8286 | Improper Certificate Validation vulnerability in multiple products curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. | 7.5 |
2020-12-14 | CVE-2020-8285 | Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. | 7.5 |
2020-12-14 | CVE-2020-8231 | Use After Free vulnerability in multiple products Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. | 7.5 |
2020-12-14 | CVE-2020-8177 | Injection vulnerability in multiple products curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. | 7.8 |
2020-12-14 | CVE-2020-8169 | Information Exposure vulnerability in multiple products curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). | 7.5 |
2020-12-09 | CVE-2020-29661 | Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 7.8 |
2020-12-08 | CVE-2020-27918 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-07 | CVE-2020-29599 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. | 7.8 |