Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-19 | CVE-2020-14929 | Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do. | 7.5 |
2020-06-19 | CVE-2020-8165 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | 7.5 |
2020-06-19 | CVE-2020-8184 | Improper Input Validation vulnerability in multiple products A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | 7.5 |
2020-06-17 | CVE-2020-14400 | An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
2020-06-17 | CVE-2020-14399 | An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
2020-06-17 | CVE-2019-20840 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
2020-06-17 | CVE-2019-20839 | Classic Buffer Overflow vulnerability in multiple products libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | 7.5 |
2020-06-17 | CVE-2018-21247 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
2020-06-15 | CVE-2020-14148 | Out-of-bounds Read vulnerability in multiple products The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function. | 7.5 |
2020-06-15 | CVE-2020-14152 | Resource Exhaustion vulnerability in multiple products In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. | 7.1 |