Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-04 | CVE-2020-27766 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 7.8 |
2020-12-03 | CVE-2020-17527 | Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. | 7.5 |
2020-12-03 | CVE-2020-27778 | Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in Poppler in the way certain PDF files were converted into HTML. | 7.5 |
2020-12-02 | CVE-2020-25638 | SQL Injection vulnerability in multiple products A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. | 7.4 |
2020-12-02 | CVE-2020-27813 | Resource Exhaustion vulnerability in multiple products An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. | 7.5 |
2020-11-30 | CVE-2020-29394 | Out-of-bounds Write vulnerability in multiple products A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument). | 7.8 |
2020-11-30 | CVE-2020-28926 | Classic Buffer Overflow vulnerability in multiple products ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. | 7.5 |
2020-11-27 | CVE-2020-25708 | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
2020-11-25 | CVE-2020-29074 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. | 8.8 |
2020-11-24 | CVE-2020-26237 | Modification of Assumed-Immutable Data (MAID) vulnerability in multiple products Highlight.js is a syntax highlighter written in JavaScript. | 8.7 |