Debian

Debian Linux

9928 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2020-13254

  • EPSS 8.67%
  • Veröffentlicht 03.06.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:00:53

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.

6.1

CVE-2020-13596

  • EPSS 0.99%
  • Veröffentlicht 03.06.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:01:34

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.

5.5

CVE-2019-20811

  • EPSS 0.03%
  • Veröffentlicht 03.06.2020 03:15:10
  • Zuletzt bearbeitet 21.11.2024 04:39:25

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

7.5

CVE-2020-7663

Exploit
  • EPSS 2.42%
  • Veröffentlicht 02.06.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:37:33

websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-b...

6

CVE-2020-13401

  • EPSS 12.87%
  • Veröffentlicht 02.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:01:11

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial o...

6.7

CVE-2020-13754

  • EPSS 0.03%
  • Veröffentlicht 02.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:01:47

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

2.5

CVE-2020-13659

  • EPSS 0.04%
  • Veröffentlicht 02.06.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:01:42

address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.

5.5

CVE-2020-12867

Exploit
  • EPSS 0.13%
  • Veröffentlicht 01.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:00:27

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.

6

CVE-2020-11089

  • EPSS 0.23%
  • Veröffentlicht 29.05.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:45

In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1...

4

CVE-2020-11040

  • EPSS 0.12%
  • Veröffentlicht 29.05.2020 20:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:39

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.