Vulnerabilities > Debian > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-18 | CVE-2020-26215 | Open Redirect vulnerability in multiple products Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. | 5.8 |
2020-11-12 | CVE-2020-8698 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-11-12 | CVE-2020-8696 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-11-12 | CVE-2020-8695 | Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 5.5 |
2020-11-12 | CVE-2020-25706 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field | 6.1 |
2020-11-10 | CVE-2020-28368 | Missing Authorization vulnerability in multiple products Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. | 4.4 |
2020-11-06 | CVE-2020-27617 | Reachable Assertion vulnerability in multiple products eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. | 4.0 |
2020-11-06 | CVE-2020-17490 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. | 5.5 |
2020-11-06 | CVE-2020-28242 | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. | 6.5 |
2020-11-06 | CVE-2020-28241 | Out-of-bounds Read vulnerability in multiple products libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c. | 6.5 |