Debian

Debian Linux

9144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-11739

  • EPSS 0.09%
  • Veröffentlicht 14.04.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:31

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier....

5.5

CVE-2020-11740

  • EPSS 0.11%
  • Veröffentlicht 14.04.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:31

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been ...

8.8

CVE-2020-11741

  • EPSS 0.11%
  • Veröffentlicht 14.04.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:31

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profi...

3.9

CVE-2020-11736

  • EPSS 0.06%
  • Veröffentlicht 13.04.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:30

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.

8.8

CVE-2020-6455

  • EPSS 1.23%
  • Veröffentlicht 13.04.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:35:45

Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2020-6456

  • EPSS 0.61%
  • Veröffentlicht 13.04.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:35:45

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.

8.8

CVE-2020-6436

  • EPSS 1.49%
  • Veröffentlicht 13.04.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:43

Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

4.3

CVE-2020-6437

Exploit
  • EPSS 0.92%
  • Veröffentlicht 13.04.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:43

Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.

4.3

CVE-2020-6438

Exploit
  • EPSS 0.69%
  • Veröffentlicht 13.04.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:43

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extens...

8.8

CVE-2020-6439

  • EPSS 0.88%
  • Veröffentlicht 13.04.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:43

Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.