Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-02 CVE-2020-13401 Improper Input Validation vulnerability in multiple products
An issue was discovered in Docker Engine before 19.03.11.
network
high complexity
docker fedoraproject debian broadcom CWE-20
6.0
6.0
2020-06-01 CVE-2020-12867 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. 		5.5
5.5
2020-05-29 CVE-2020-11089 In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write).
network
low complexity
freerdp opensuse debian
5.5
5.5
2020-05-29 CVE-2020-11088 In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage.
network
low complexity
freerdp opensuse debian
5.4
5.4
2020-05-29 CVE-2020-11087 In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage.
network
low complexity
freerdp opensuse debian
5.4
5.4
2020-05-29 CVE-2020-11086 In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure.
network
low complexity
freerdp opensuse debian
5.4
5.4
2020-05-29 CVE-2020-11039 In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks.
network
low complexity
freerdp opensuse debian
6.8
6.8
2020-05-29 CVE-2020-11038 In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists.
network
low complexity
freerdp opensuse debian
5.4
5.4
2020-05-29 CVE-2020-11019 In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index.
network
low complexity
freerdp opensuse debian
6.5
6.5
2020-05-29 CVE-2020-11018 In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed.
network
low complexity
freerdp opensuse debian
6.5
6.5