Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-15 CVE-2020-3810 Out-of-bounds Read vulnerability in multiple products
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.
local
low complexity
debian fedoraproject canonical CWE-125
5.5
5.5
2020-05-14 CVE-2020-0093 Out-of-bounds Read vulnerability in multiple products
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. 		5.0
5.0
2020-05-13 CVE-2020-8020 A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS.
network
low complexity
opensuse debian
6.1
6.1
2020-05-12 CVE-2020-1746 A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used.
local
low complexity
redhat debian
5.0
5.0
2020-05-11 CVE-2020-10685 Incomplete Cleanup vulnerability in multiple products
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules.
local
low complexity
redhat debian CWE-459
5.5
5.5
2020-05-09 CVE-2020-12771 Improper Locking vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.11. 		5.5
5.5
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
6.7
2020-05-09 CVE-2020-12769 Improper Synchronization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.4.17.
local
low complexity
linux debian canonical opensuse netapp CWE-662
5.5
5.5
2020-05-09 CVE-2020-12768 Memory Leak vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.
local
low complexity
linux canonical debian CWE-401
5.5
5.5
2020-05-09 CVE-2020-12767 Divide By Zero vulnerability in multiple products
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. 		5.5
5.5