Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-13 | CVE-2020-16288 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
| 2020-08-13 | CVE-2020-16287 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
| 2020-08-12 | CVE-2020-17507 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. | 5.3 |
| 2020-08-11 | CVE-2020-17489 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. | 4.3 |
| 2020-08-11 | CVE-2020-0256 | Out-of-bounds Write vulnerability in multiple products In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. | 6.8 |
| 2020-08-05 | CVE-2020-14347 | A flaw was found in the way xserver memory was not properly initialized. | 5.5 |
| 2020-07-29 | CVE-2020-16135 | NULL Pointer Dereference vulnerability in multiple products libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. | 5.9 |
| 2020-07-29 | CVE-2020-16117 | NULL Pointer Dereference vulnerability in multiple products In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. | 5.9 |
| 2020-07-29 | CVE-2020-15707 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. | 6.4 |
| 2020-07-29 | CVE-2020-15706 | Use After Free vulnerability in multiple products GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. | 6.4 |