Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
8867 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-16300 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-08-04 | 5.5 Medium |
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
CVE-2020-16292 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-08-04 | 5.5 Medium |
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
CVE-2020-16296 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-08-04 | 5.5 Medium |
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
CVE-2020-16116 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-08-04 | 3.3 Low |
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | ||||
CVE-2020-16166 | 8 Canonical, Debian, Fedoraproject and 5 more | 18 Ubuntu Linux, Debian Linux, Fedora and 15 more | 2024-08-04 | 3.7 Low |
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. | ||||
CVE-2020-16150 | 3 Arm, Debian, Fedoraproject | 3 Mbed Tls, Debian Linux, Fedora | 2024-08-04 | 5.5 Medium |
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length. | ||||
CVE-2020-16117 | 3 Debian, Gnome, Redhat | 3 Debian Linux, Evolution-data-server, Enterprise Linux | 2024-08-04 | 5.9 Medium |
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server. | ||||
CVE-2020-16135 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-08-04 | 5.9 Medium |
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. | ||||
CVE-2020-16092 | 5 Canonical, Debian, Opensuse and 2 more | 8 Ubuntu Linux, Debian Linux, Leap and 5 more | 2024-08-04 | 3.8 Low |
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. | ||||
CVE-2020-16043 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-08-04 | 8.8 High |
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic. | ||||
CVE-2020-16093 | 2 Debian, Lemonldap-ng | 2 Debian Linux, Lemonldap\ | 2024-08-04 | 7.5 High |
In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | ||||
CVE-2020-15965 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 8.8 High |
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
CVE-2020-16006 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 8.8 High |
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-15990 | 5 Debian, Fedoraproject, Google and 2 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-08-04 | 8.8 High |
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
CVE-2020-15980 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Android and 3 more | 2024-08-04 | 7.8 High |
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents. | ||||
CVE-2020-15991 | 5 Debian, Fedoraproject, Google and 2 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-08-04 | 8.8 High |
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
CVE-2020-16005 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 8.8 High |
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-16009 | 7 Cefsharp, Debian, Fedoraproject and 4 more | 9 Cefsharp, Debian Linux, Fedora and 6 more | 2024-08-04 | 8.8 High |
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-16001 | 5 Debian, Fedoraproject, Google and 2 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-08-04 | 8.8 High |
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-16008 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 8.8 High |
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. |