Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-22 | CVE-2020-27671 | An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. | 7.8 |
2020-10-22 | CVE-2020-27670 | Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. | 7.8 |
2020-10-22 | CVE-2020-15683 | Use After Free vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. | 7.5 |
2020-10-22 | CVE-2020-27638 | Reachable Assertion vulnerability in multiple products receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code. | 7.5 |
2020-10-15 | CVE-2020-27153 | Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. | 7.5 |
2020-10-14 | CVE-2020-0423 | Improper Locking vulnerability in multiple products In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. | 7.2 |
2020-10-07 | CVE-2020-26880 | Improper Privilege Management vulnerability in multiple products Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. | 7.8 |
2020-10-07 | CVE-2020-11800 | Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. | 7.5 |
2020-10-06 | CVE-2020-26575 | Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. | 7.5 |
2020-10-06 | CVE-2020-25863 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. | 7.5 |