Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-2757 Improper Handling of Exceptional Conditions vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
3.7
2020-04-15 CVE-2020-2773 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). 3.7
2020-04-15 CVE-2020-2778 Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian canonical opensuse
3.7
2020-04-15 CVE-2020-2933 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).
network
high complexity
oracle fedoraproject debian
2.2
2020-04-13 CVE-2020-11736 Link Following vulnerability in multiple products
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
3.3
2020-04-02 CVE-2020-11494 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2.
local
low complexity
linux opensuse debian canonical CWE-909
2.1
2020-03-26 CVE-2019-15795 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier.
network
high complexity
ubuntu canonical debian CWE-327
2.6
2020-03-26 CVE-2019-15796 Improper Verification of Cryptographic Signature vulnerability in multiple products
Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier.
network
high complexity
ubuntu canonical debian CWE-347
2.6
2020-03-12 CVE-2020-1739 Information Exposure vulnerability in multiple products
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node.
local
low complexity
redhat fedoraproject debian CWE-200
3.9
2020-03-05 CVE-2019-20382 Memory Leak vulnerability in multiple products
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
3.5