Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2020-05-29 CVE-2020-11041 Improper Validation of Array Index vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...).
network
low complexity
freerdp opensuse debian CWE-129
2.7
2020-05-28 CVE-2020-13362 Out-of-bounds Read vulnerability in multiple products
In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
local
low complexity
qemu debian opensuse canonical CWE-125
3.2
2020-05-28 CVE-2020-13361 Out-of-bounds Write vulnerability in multiple products
In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
local
high complexity
qemu debian opensuse canonical CWE-787
3.9
2020-05-27 CVE-2020-13253 Out-of-bounds Read vulnerability in multiple products
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations.
local
low complexity
qemu canonical debian CWE-125
2.1
2020-05-26 CVE-2020-3812 Improper Privilege Management vulnerability in multiple products
qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability.
local
low complexity
netqmail debian canonical CWE-269
2.1
2020-05-15 CVE-2020-11525 Out-of-bounds Read vulnerability in multiple products
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
3.5
2020-05-15 CVE-2020-11526 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
3.5
2020-05-12 CVE-2020-11058 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2020-05-07 CVE-2020-11048 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-125
2.2
2020-05-07 CVE-2020-11049 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser.
network
high complexity
freerdp canonical debian CWE-125
2.2