Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-02-06 | CVE-2019-7548 | SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | Debian_linux, Backports_sle, Leap, Communications_operations_monitor, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Sqlalchemy | 7.8 | ||
2019-03-12 | CVE-2019-9706 | Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error. | Cron, Debian_linux | 5.5 | ||
2019-02-09 | CVE-2019-7665 | In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes. | Ubuntu_linux, Debian_linux, Elfutils, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.5 | ||
2019-08-01 | CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp. | Debian_linux, Opencv | 7.5 | ||
2019-09-05 | CVE-2019-15939 | An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp. | Debian_linux, Opencv, Leap | 5.9 | ||
2020-05-28 | CVE-2020-11082 | In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1. | Debian_linux, Kaminari | 6.1 | ||
2020-06-24 | CVE-2020-15011 | GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. | Ubuntu_linux, Debian_linux, Mailman | 4.3 | ||
2021-04-02 | CVE-2020-10001 | An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to read restricted memory. | Mac_os_x, Debian_linux | 5.5 | ||
2021-05-21 | CVE-2020-36330 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | Ipados, Iphone_os, Debian_linux, Ontap_select_deploy_administration_utility, Enterprise_linux, Libwebp | 9.1 | ||
2021-05-25 | CVE-2020-20445 | FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service. | Debian_linux, Ffmpeg | 6.5 |