Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-20 | CVE-2013-1817 | Information Exposure vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | 5.0 |
| 2019-11-20 | CVE-2013-1816 | Improper Input Validation vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | 5.0 |
| 2019-11-20 | CVE-2015-1606 | Use After Free vulnerability in multiple products The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. | 5.5 |
| 2019-11-20 | CVE-2011-0529 | Improper Input Validation vulnerability in multiple products Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. | 5.0 |
| 2019-11-20 | CVE-2012-6136 | Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 4.9 |
| 2019-11-19 | CVE-2016-1000236 | Race Condition vulnerability in multiple products Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used. | 4.4 |
| 2019-11-19 | CVE-2012-6071 | Improper Certificate Validation vulnerability in multiple products nuSOAP before 0.7.3-5 does not properly check the hostname of a cert. | 5.0 |
| 2019-11-19 | CVE-2011-4968 | Improper Input Validation vulnerability in multiple products nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | 5.8 |
| 2019-11-18 | CVE-2019-19068 | Memory Leak vulnerability in multiple products A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | 4.6 |
| 2019-11-18 | CVE-2019-19066 | Memory Leak vulnerability in multiple products A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | 4.7 |