Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-22 CVE-2020-11096 In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order.
network
low complexity
freerdp fedoraproject opensuse canonical debian
6.5
2020-06-22 CVE-2020-11095 In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES.
network
low complexity
freerdp fedoraproject opensuse canonical debian
5.4
2020-06-21 CVE-2020-14954 Injection vulnerability in multiple products
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3.
5.9
2020-06-19 CVE-2020-8167 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
network
low complexity
rubyonrails debian CWE-352
6.5
2020-06-18 CVE-2020-3350 Race Condition vulnerability in multiple products
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system.
local
high complexity
cisco fedoraproject debian canonical CWE-362
6.3
2020-06-17 CVE-2020-8619 Improper Resource Shutdown or Release vulnerability in multiple products
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered.
4.9
2020-06-17 CVE-2020-14405 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-770
6.5
2020-06-17 CVE-2020-14404 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-787
5.4
2020-06-17 CVE-2020-14403 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-787
5.4
2020-06-17 CVE-2020-14402 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-787
5.4