Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-14 | CVE-2020-0423 | Improper Locking vulnerability in multiple products In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. | 7.2 |
2020-10-07 | CVE-2020-26880 | Improper Privilege Management vulnerability in multiple products Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. | 7.8 |
2020-10-07 | CVE-2020-11800 | Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. | 7.5 |
2020-10-06 | CVE-2020-26575 | Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. | 7.5 |
2020-10-06 | CVE-2020-25863 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. | 7.5 |
2020-10-06 | CVE-2020-25862 | Improper Validation of Integrity Check Value vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. | 7.5 |
2020-10-06 | CVE-2020-15598 | Infinite Loop vulnerability in multiple products Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. | 7.5 |
2020-10-06 | CVE-2020-25643 | Improper Input Validation vulnerability in multiple products A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. | 7.2 |
2020-10-01 | CVE-2020-15678 | Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. | 8.8 |
2020-10-01 | CVE-2020-15227 | Code Injection vulnerability in multiple products Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. | 7.5 |