Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13762 Improper Locking vulnerability in multiple products
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
local
low complexity
google debian fedoraproject redhat CWE-667
3.3
2019-12-03 CVE-2019-19534 Missing Initialization of Resource vulnerability in multiple products
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.
low complexity
linux debian canonical CWE-909
2.4
2019-11-27 CVE-2012-6655 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
3.3
2019-11-26 CVE-2011-3374 Improper Verification of Cryptographic Signature vulnerability in Debian Advanced Package Tool and Debian Linux
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
network
high complexity
debian CWE-347
3.7
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
2019-11-18 CVE-2019-19057 Memory Leak vulnerability in multiple products
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
3.3
2019-11-09 CVE-2009-3614 Improper Input Validation vulnerability in multiple products
liboping 1.3.2 allows users reading arbitrary files upon the local system.
local
low complexity
noping debian CWE-20
3.3
2019-11-05 CVE-2016-1000002 Information Exposure vulnerability in multiple products
gdm3 3.14.2 and possibly later has an information leak before screen lock
2.4
2019-10-16 CVE-2019-2894 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle debian opensuse mcafee canonical
3.7
2019-10-16 CVE-2019-2933 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle opensuse debian mcafee
3.1