Debian

Debian Linux

9928 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-4067

  • EPSS 1.1%
  • Veröffentlicht 29.06.2020 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:32:14

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligent...

7.5

CVE-2020-11996

  • EPSS 45.12%
  • Veröffentlicht 26.06.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:59:04

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTT...

5.5

CVE-2020-15305

  • EPSS 0.11%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

5.5

CVE-2020-15306

  • EPSS 0.13%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

5.5

CVE-2020-10177

  • EPSS 0.12%
  • Veröffentlicht 25.06.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:54:55

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.

3.1

CVE-2020-15005

  • EPSS 0.74%
  • Veröffentlicht 24.06.2020 23:15:10
  • Zuletzt bearbeitet 21.11.2024 05:04:36

In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized use...

7.5

CVE-2020-9494

  • EPSS 1.17%
  • Veröffentlicht 24.06.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:46

Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.

4.3

CVE-2020-12862

Exploit
  • EPSS 0.17%
  • Veröffentlicht 24.06.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:26

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.

4.3

CVE-2020-12863

Exploit
  • EPSS 0.17%
  • Veröffentlicht 24.06.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:26

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.

8

CVE-2020-12865

Exploit
  • EPSS 0.3%
  • Veröffentlicht 24.06.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:26

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.