Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-06 | CVE-2020-36306 | Cross-site Scripting vulnerability in multiple products Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. | 6.1 |
| 2021-04-06 | CVE-2019-25026 | Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. | 5.3 |
| 2021-04-06 | CVE-2021-30158 | Improper Authentication vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 5.3 |
| 2021-04-06 | CVE-2021-30157 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 6.1 |
| 2021-04-06 | CVE-2021-30154 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 6.1 |
| 2021-04-06 | CVE-2021-30151 | Cross-site Scripting vulnerability in multiple products Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. | 6.1 |
| 2021-04-02 | CVE-2020-10001 | Improper Input Validation vulnerability in multiple products An input validation issue was addressed with improved memory handling. | 5.5 |
| 2021-04-02 | CVE-2021-30002 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. | 6.2 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |
| 2021-04-01 | CVE-2021-20296 | A flaw was found in OpenEXR in versions before 3.0.0-beta. | 5.3 |