The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian

wpa: information disclosure via bad random in cryptography
An attacker can bypass access restrictions to data because iof the use of bad random data in wpa, in order to obtain sensitive information...
CVE-2019-10064, DLA-2138-1, VIGILANCE-VUL-31769
Apache mod_auth_openidc: open redirect via Slash Backslash
An attacker can deceive the user via Slash Backslash of Apache mod_auth_openidc, in order to redirect him to a malicious site...
CVE-2019-20479, DLA-2130-1, openSUSE-SU-2020:0376-1, SUSE-SU-2020:0705-1, SUSE-SU-2020:0706-1, VIGILANCE-VUL-31708
cloud-init: information disclosure via Small Password Prediction
An attacker can bypass access restrictions to data via Small Password Prediction of cloud-init, in order to obtain sensitive information...
CVE-2020-8632, DLA-2113-1, openSUSE-SU-2020:0400-1, SUSE-SU-2020:0585-1, SUSE-SU-2020:0751-1, VIGILANCE-VUL-31655
cloud-init: information disclosure via Mersenne Twister Password Prediction
An attacker can bypass access restrictions to data via Mersenne Twister Password Prediction of cloud-init, in order to obtain sensitive information...
CVE-2020-8631, DLA-2113-1, openSUSE-SU-2020:0400-1, SUSE-SU-2020:0585-1, SUSE-SU-2020:0751-1, VIGILANCE-VUL-31654
libgd: NULL pointer dereference via gdImageClone
An attacker can force a NULL pointer to be dereferenced via gdImageClone() of libgd, in order to trigger a denial of service...
CVE-2018-14553, DLA-2106-1, openSUSE-SU-2020:0332-1, SSA:2020-083-01, SUSE-SU-2020:0594-1, SUSE-SU-2020:0623-1, VIGILANCE-VUL-31617
Sudo: privilege escalation via pwfeedback
An attacker can bypass restrictions via pwfeedback of Sudo, in order to escalate his privileges...
CVE-2019-18634, DLA-2094-1, DSA-4614-1, FEDORA-2020-8b563bc5f4, HT210919, openSUSE-SU-2020:0244-1, RHSA-2020:0487-01, RHSA-2020:0509-01, RHSA-2020:0540-01, RHSA-2020:0726-01, SSA:2020-031-01, SUSE-SU-2020:0390-1, SUSE-SU-2020:0406-1, SUSE-SU-2020:0407-1, SUSE-SU-2020:0408-1, SUSE-SU-2020:0409-1, USN-4263-1, USN-4263-2, VIGILANCE-VUL-31480
Pillow: buffer overflow via libImaging/SgiRleDecode.c
An attacker can trigger a buffer overflow via libImaging/SgiRleDecode.c of Pillow, in order to trigger a denial of service, and possibly to run code...
CVE-2020-5311, DSA-4631-1, FEDORA-2020-5cdbb19cca, FEDORA-2020-df444e464e, RHSA-2020:0566-01, RHSA-2020:0580-01, USN-4272-1, VIGILANCE-VUL-31475
libsolv: denial of service via repodata_schema2id
An attacker can send malicious repodata_schema2id() packets to libsolv, in order to trigger a denial of service...
DLA-2088-1, repodata_schema2id, VIGILANCE-VUL-31469
Suricata: privilege escalation via TCP FIN Overlapping Signature Bypass
An attacker can bypass restrictions via TCP FIN Overlapping Signature Bypass of Suricata, in order to escalate his privileges...
CVE-2019-18792, DLA-2087-1, VIGILANCE-VUL-31467
Suricata: privilege escalation via TCP Timestamp Signature Bypass
An attacker can bypass restrictions via TCP Timestamp Signature Bypass of Suricata, in order to escalate his privileges...
CVE-2019-18625, DLA-2087-1, VIGILANCE-VUL-31466
Our database contains other pages. You can request a free trial to read them.

Display information about Debian: