Vulnerabilities > Debian > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-09	CVE-2020-7068	Use After Free vulnerability in multiple products In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure. local high complexity php debian tenable CWE-416	3.6
2020-09-09	CVE-2020-1968	Information Exposure Through Discrepancy vulnerability in multiple products The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. network high complexity openssl canonical debian oracle fujitsu CWE-203	3.7
2020-09-02	CVE-2020-24654	Link Following vulnerability in multiple products In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. local low complexity kde canonical debian opensuse fedoraproject CWE-59	3.3
2020-08-31	CVE-2020-12829	Integer Overflow or Wraparound vulnerability in multiple products In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. local low complexity qemu canonical debian CWE-190	3.8
2020-08-11	CVE-2020-16092	Reachable Assertion vulnerability in multiple products In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. local low complexity qemu debian canonical opensuse CWE-617	3.8
2020-08-03	CVE-2020-16116	Path Traversal vulnerability in multiple products In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. local low complexity kde debian fedoraproject opensuse canonical CWE-22	3.3
2020-07-30	CVE-2020-16166	Use of Insufficiently Random Values vulnerability in multiple products The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. network high complexity linux opensuse fedoraproject debian canonical netapp oracle CWE-330	3.7
2020-07-27	CVE-2020-15103	Integer Overflow to Buffer Overflow vulnerability in multiple products In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. network low complexity freerdp fedoraproject opensuse canonical debian CWE-680	3.5
2020-07-21	CVE-2020-15859	Use After Free vulnerability in multiple products QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address. local low complexity qemu debian CWE-416	3.3
2020-07-15	CVE-2020-14573	Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). network high complexity oracle netapp fedoraproject opensuse debian canonical	3.7