Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-15 | CVE-2020-12888 | Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | 5.3 |
| 2020-05-15 | CVE-2020-11523 | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | 6.0 |
| 2020-05-15 | CVE-2020-11522 | Out-of-bounds Read vulnerability in multiple products libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | 6.4 |
| 2020-05-15 | CVE-2020-11521 | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | 6.0 |
| 2020-05-15 | CVE-2020-3810 | Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. | 5.5 |
| 2020-05-14 | CVE-2020-0093 | Out-of-bounds Read vulnerability in multiple products In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. | 5.0 |
| 2020-05-13 | CVE-2020-8020 | Cross-site Scripting vulnerability in multiple products A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. | 4.3 |
| 2020-05-12 | CVE-2020-1746 | Information Exposure vulnerability in multiple products A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. | 5.0 |
| 2020-05-11 | CVE-2020-10685 | Incomplete Cleanup vulnerability in multiple products A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. | 5.5 |
| 2020-05-09 | CVE-2020-12771 | Improper Locking vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.11. | 4.9 |