The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian

hiredis: NULL pointer dereference via async.c / dict.c
An attacker can force a NULL pointer to be dereferenced via async.c / dict.c of hiredis, in order to trigger a denial of service...
CVE-2020-7105, DLA-2083-1, VIGILANCE-VUL-31461
storeBackup: file corruption via /tmp/storeBackup.lock
A local attacker can create a symbolic link named /tmp/storeBackup.lock, in order to alter the pointed file, with privileges of storeBackup...
CVE-2020-7040, DLA-2095-1, openSUSE-SU-2020:0119-1, VIGILANCE-VUL-31446
Mozilla NSS: information disclosure via HelloRetryRequest Lower Protocol Negotiation
An attacker can bypass access restrictions to data via HelloRetryRequest Lower Protocol Negotiation of Mozilla NSS, in order to obtain sensitive information...
1590001, CERTFR-2020-AVI-019, CVE-2019-17023, DLA-2061-1, DLA-2071-1, DSA-4600-1, DSA-4603-1, FEDORA-2020-01411d96d5, FEDORA-2020-72912bb14c, FEDORA-2020-9254bf8b94, FEDORA-2020-d18d24c943, FEDORA-2020-d4b0f42d01, MFSA-2020-01, MFSA-2020-02, MFSA-2020-04, openSUSE-SU-2020:0060-1, RHSA-2020:0085-01, RHSA-2020:0086-01, RHSA-2020:0111-01, RHSA-2020:0120-01, RHSA-2020:0123-01, RHSA-2020:0127-01, SSA:2020-006-01, SSA:2020-010-01, SSA:2020-024-01, SUSE-SU-2020:0068-1, SUSE-SU-2020:0078-1, SUSE-SU-2020:14268-1, USN-4234-1, USN-4241-1, VIGILANCE-VUL-31378
gpac: NULL pointer dereference via AVC_DuplicateConfig
An attacker can force a NULL pointer to be dereferenced via AVC_DuplicateConfig() of gpac, in order to trigger a denial of service...
CVE-2018-21015, DLA-2072-1, VIGILANCE-VUL-31371
OTRS Help Desk: information disclosure via Drafted Messages Spoofing
An attacker can bypass access restrictions to data via Drafted Messages Spoofing of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1767, DLA-2079-1, OSA-2020-03, VIGILANCE-VUL-31295
Linux kernel: NULL pointer dereference via sas_discover.c
An attacker can force a NULL pointer to be dereferenced via sas_discover.c of the Linux kernel, in order to trigger a denial of service...
CVE-2019-19965, DLA-2068-1, VIGILANCE-VUL-31242
Linux kernel: information disclosure via kvaser_usb_leaf.c
A local attacker can read a memory fragment via kvaser_usb_leaf.c of the Linux kernel, in order to obtain sensitive information...
CVE-2019-19947, DLA-2068-1, VIGILANCE-VUL-31240
MediaWiki: open redirect via Title_blacklist
An attacker can deceive the user via Title_blacklist of MediaWiki, in order to redirect him to a malicious site...
CVE-2019-19709, DSA-4592-1, VIGILANCE-VUL-31239
libxml2: memory leak via xmlParseBalancedChunkMemoryRecover
An attacker can create a memory leak via xmlParseBalancedChunkMemoryRecover() of libxml2, in order to trigger a denial of service...
CVE-2019-19956, DLA-2048-1, USN-4274-1, VIGILANCE-VUL-31236
Linux kernel: denial of service via cpu.cfs_quota_us
An attacker can trigger a fatal error via cpu.cfs_quota_us of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-005, CVE-2019-19922, DLA-2068-1, USN-4226-1, VIGILANCE-VUL-31232
Our database contains other pages. You can request a free trial to read them.

Display information about Debian: