Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-24 CVE-2020-10942 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. 		5.4
5.4
2020-03-24 CVE-2020-6080 Memory Leak vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0.
network
low complexity
videolabs debian CWE-401
5.0
5.0
2020-03-24 CVE-2020-6079 Memory Leak vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0.
network
low complexity
videolabs debian CWE-401
5.0
5.0
2020-03-24 CVE-2020-6077 Out-of-bounds Read vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0.
network
low complexity
videolabs debian CWE-125
5.0
5.0
2020-03-24 CVE-2020-6073 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0.
network
low complexity
videolabs debian CWE-190
5.0
5.0
2020-03-24 CVE-2020-6071 Uncontrolled Recursion vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0.
network
low complexity
videolabs debian CWE-674
5.0
5.0
2020-03-24 CVE-2020-10941 Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
network
high complexity
arm fedoraproject debian
5.9
5.9
2020-03-24 CVE-2020-9359 KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
local
low complexity
kde debian fedoraproject
5.3
5.3
2020-03-23 CVE-2020-8866 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22.
network
low complexity
horde debian CWE-434
6.5
6.5
2020-03-23 CVE-2020-8865 Path Traversal vulnerability in multiple products
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22.
network
low complexity
horde debian CWE-22
6.3
6.3