Debian

Debian Linux

9144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-3481

  • EPSS 5.86%
  • Veröffentlicht 20.07.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:31:09

A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to...

9.8

CVE-2020-14001

  • EPSS 9.35%
  • Veröffentlicht 17.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:02:19

The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins w...

5.9

CVE-2020-14928

Exploit
  • EPSS 6.35%
  • Veröffentlicht 17.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:04:27

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."

5.9

CVE-2020-15586

  • EPSS 0.61%
  • Veröffentlicht 17.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:48

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

6.1

CVE-2020-15803

  • EPSS 2.09%
  • Veröffentlicht 17.07.2020 03:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:12

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

5

CVE-2020-14621

  • EPSS 0.46%
  • Veröffentlicht 15.07.2020 18:15:27
  • Zuletzt bearbeitet 27.05.2025 16:33:09

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenti...

4.3

CVE-2020-14593

  • EPSS 0.41%
  • Veröffentlicht 15.07.2020 18:15:25
  • Zuletzt bearbeitet 27.05.2025 16:29:06

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthentica...

4.3

CVE-2020-14581

  • EPSS 0.45%
  • Veröffentlicht 15.07.2020 18:15:24
  • Zuletzt bearbeitet 27.05.2025 16:38:37

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated a...

5.1

CVE-2020-14583

  • EPSS 1.02%
  • Veröffentlicht 15.07.2020 18:15:24
  • Zuletzt bearbeitet 27.05.2025 16:28:16

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows una...

4.3

CVE-2020-14573

  • EPSS 0.44%
  • Veröffentlicht 15.07.2020 18:15:23
  • Zuletzt bearbeitet 21.11.2024 05:03:34

Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot...