Debian

Debian Linux

9144 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-28949

Warning Exploit
  • EPSS 93.06%
  • Published 19.11.2020 19:15:11
  • Last modified 22.10.2025 00:17:05

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

9.8

CVE-2019-20933

  • EPSS 93.97%
  • Published 19.11.2020 02:15:11
  • Last modified 21.11.2024 04:39:42

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

6.1

CVE-2020-26215

  • EPSS 0.57%
  • Published 18.11.2020 22:15:11
  • Last modified 21.11.2024 05:19:32

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously cra...

9.3

CVE-2020-26217

Exploit
  • EPSS 93.17%
  • Published 16.11.2020 21:15:12
  • Last modified 23.05.2025 16:54:19

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone...

8.1

CVE-2020-25694

  • EPSS 0.12%
  • Published 16.11.2020 01:15:12
  • Last modified 21.11.2024 05:18:29

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while drop...

8.8

CVE-2020-25695

  • EPSS 23.34%
  • Published 16.11.2020 01:15:12
  • Last modified 21.11.2024 05:18:29

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions un...

5.5

CVE-2020-8695

  • EPSS 0.23%
  • Published 12.11.2020 18:15:16
  • Last modified 21.11.2024 05:39:16

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

5.5

CVE-2020-8696

  • EPSS 0.2%
  • Published 12.11.2020 18:15:16
  • Last modified 21.11.2024 05:39:16

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2020-8698

  • EPSS 0.27%
  • Published 12.11.2020 18:15:16
  • Last modified 21.11.2024 05:39:17

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

6.1

CVE-2020-25706

Exploit
  • EPSS 2.14%
  • Published 12.11.2020 14:15:22
  • Last modified 21.11.2024 05:18:32

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field