Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-15 | CVE-2020-14385 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. | 5.5 |
| 2020-09-15 | CVE-2020-14314 | Out-of-bounds Read vulnerability in multiple products A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. | 5.5 |
| 2020-09-15 | CVE-2020-8927 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. | 6.5 |
| 2020-09-13 | CVE-2020-25285 | NULL Pointer Dereference vulnerability in multiple products A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | 4.4 |
| 2020-09-11 | CVE-2020-14332 | Improper Output Neutralization for Logs vulnerability in multiple products A flaw was found in the Ansible Engine when using module_args. | 5.5 |
| 2020-09-11 | CVE-2020-14330 | Information Exposure Through Log Files vulnerability in multiple products An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. | 5.5 |
| 2020-09-11 | CVE-2020-15169 | Cross-site Scripting vulnerability in multiple products In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. | 6.1 |
| 2020-09-11 | CVE-2020-25269 | Use After Free vulnerability in multiple products An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. | 6.5 |
| 2020-09-11 | CVE-2019-20917 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. | 6.5 |
| 2020-09-10 | CVE-2020-13920 | Missing Authentication for Critical Function vulnerability in multiple products Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. | 5.9 |