Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-13 CVE-2020-8020 A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS.
network
low complexity
opensuse debian
6.1
6.1
2020-05-12 CVE-2020-1746 A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used.
local
low complexity
redhat debian
5.0
5.0
2020-05-11 CVE-2020-10685 Incomplete Cleanup vulnerability in multiple products
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules.
local
low complexity
redhat debian CWE-459
5.5
5.5
2020-05-09 CVE-2020-12771 Improper Locking vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.11. 		5.5
5.5
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
6.7
2020-05-09 CVE-2020-12769 Improper Synchronization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.4.17.
local
low complexity
linux debian canonical opensuse netapp CWE-662
5.5
5.5
2020-05-09 CVE-2020-12768 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.
local
low complexity
linux canonical debian CWE-401
5.5
5.5
2020-05-09 CVE-2020-12767 Divide By Zero vulnerability in multiple products
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. 		5.5
5.5
2020-05-08 CVE-2020-10690 Use After Free vulnerability in multiple products
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. 		6.4
6.4
2020-05-07 CVE-2020-11047 In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results.
network
high complexity
freerdp canonical debian
5.9
5.9