Vulnerabilities > Debian > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-04 | CVE-2019-25013 | Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. | 5.9 |
2021-01-04 | CVE-2020-24386 | An issue was discovered in Dovecot before 2.3.13. | 6.8 |
2021-01-04 | CVE-2020-35965 | Out-of-bounds Write vulnerability in multiple products decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | 5.0 |
2020-12-30 | CVE-2019-15523 | Unchecked Return Value vulnerability in multiple products An issue was discovered in LINBIT csync2 through 2.0. | 5.0 |
2020-12-30 | CVE-2020-26247 | XXE vulnerability in multiple products Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. | 4.3 |
2020-12-28 | CVE-2020-35730 | Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. | 6.1 |
2020-12-28 | CVE-2020-35738 | Integer Overflow or Wraparound vulnerability in multiple products WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. | 6.1 |
2020-12-24 | CVE-2020-28169 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM. | 6.9 |
2020-12-20 | CVE-2020-35573 | Excessive Iteration vulnerability in multiple products srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address. | 5.0 |
2020-12-18 | CVE-2020-35480 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.1. | 5.3 |