Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-19 CVE-2016-1000236 Race Condition vulnerability in multiple products
Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.
network
high complexity
cookie-signature-project debian CWE-362
4.4
2019-11-19 CVE-2012-0843 Information Exposure vulnerability in multiple products
uzbl: Information disclosure via world-readable cookies storage file
local
low complexity
uzbl debian CWE-200
5.5
2019-11-19 CVE-2011-4968 Improper Input Validation vulnerability in multiple products
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
network
high complexity
f5 debian CWE-20
4.8
2019-11-19 CVE-2012-0842 Information Exposure vulnerability in multiple products
surf: cookie jar has read access from other local user
local
low complexity
suckless debian CWE-200
5.5
2019-11-18 CVE-2019-19068 Memory Leak vulnerability in multiple products
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
4.6
2019-11-18 CVE-2019-19066 Memory Leak vulnerability in multiple products
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.
4.7
2019-11-18 CVE-2019-19062 Memory Leak vulnerability in multiple products
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
4.7
2019-11-18 CVE-2019-19056 Memory Leak vulnerability in multiple products
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.
4.7
2019-11-18 CVE-2019-19051 Memory Leak vulnerability in multiple products
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.
local
low complexity
linux debian canonical opensuse CWE-401
5.5
2019-11-15 CVE-2011-2910 Improper Privilege Management vulnerability in multiple products
The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call.
local
low complexity
linux-ax25 debian CWE-269
6.7