Vulnerabilities > Debian > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2019-11-27 | CVE-2016-1000110 | Open Redirect vulnerability in multiple products | The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | 6.1 |
2019-11-26 | CVE-2011-1934 | Information Exposure vulnerability in multiple products | lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1. | 4.0 |
2019-11-26 | CVE-2019-16254 | Injection vulnerability in multiple products | Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. | 5.3 |
2019-11-26 | CVE-2019-18678 | HTTP Request Smuggling vulnerability in multiple products | An issue was discovered in Squid 3.x and 4.x through 4.8. | 5.3 |
2019-11-26 | CVE-2011-4350 | Path Traversal vulnerability in multiple products | Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. | 4.0 |
2019-11-26 | CVE-2011-4082 | Resource Exhaustion vulnerability in multiple products | A local file inclusion flaw was found in the way phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. | 5.0 |
2019-11-26 | CVE-2011-3631 | Integer Overflow or Wraparound vulnerability in multiple products | Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths are concatenated when calculating the required memory space. | 6.8 |
2019-11-26 | CVE-2011-3630 | Out-of-bounds Write vulnerability in multiple products | Hardlink before 0.1.2 suffers from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. | 6.8 |
2019-11-26 | CVE-2011-3617 | Incorrect Authorization vulnerability in multiple products | Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. | 5.5 |
2019-11-26 | CVE-2011-3596 | Reachable Assertion vulnerability in multiple products | Polipo before 1.0.4.1 suffers from a DoS vulnerability via a specially crafted HTTP POST / PUT request. | 5.0 |