CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Debian » Debian Linux » 8.0 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-15011 74 2020-06-24 2020-10-27
2.6
None Remote High Not required None Partial None
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
2 CVE-2020-14405 770 2020-06-17 2020-08-29
4.0
None Remote Low ??? None None Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
3 CVE-2020-14404 119 Overflow 2020-06-17 2020-10-14
5.5
None Remote Low ??? Partial None Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
4 CVE-2020-14403 119 Overflow 2020-06-17 2020-10-14
5.5
None Remote Low ??? Partial None Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
5 CVE-2020-14402 119 Overflow 2020-06-17 2020-10-14
5.5
None Remote Low ??? Partial None Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
6 CVE-2020-14401 190 Overflow 2020-06-17 2020-08-29
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
7 CVE-2020-14400 2020-06-17 2020-08-29
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary.
8 CVE-2020-14399 2020-06-17 2020-08-29
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed."
9 CVE-2020-14397 476 2020-06-17 2020-10-14
5.0
None Remote Low Not required None None Partial
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
10 CVE-2020-14195 502 2020-06-16 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
11 CVE-2020-14062 502 2020-06-14 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
12 CVE-2020-14061 502 2020-06-14 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).
13 CVE-2020-13881 532 2020-06-06 2020-09-22
4.3
None Remote Medium Not required Partial None None
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
14 CVE-2020-13848 476 DoS 2020-06-04 2021-03-08
5.0
None Remote Low Not required None None Partial
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
15 CVE-2020-13696 732 2020-06-08 2020-10-05
3.6
None Local Low Not required Partial Partial None
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.
16 CVE-2020-13434 190 Overflow 2020-05-24 2021-06-14
2.1
None Local Low Not required None None Partial
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
17 CVE-2020-13113 416 2020-05-21 2020-07-27
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
18 CVE-2020-12767 369 2020-05-09 2020-07-27
2.1
None Local Low Not required None None Partial
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
19 CVE-2020-12243 400 DoS 2020-04-28 2020-10-20
5.0
None Remote Low Not required None None Partial
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
20 CVE-2020-11868 400 2020-04-17 2020-07-27
5.0
None Remote Low Not required None None Partial
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
21 CVE-2020-11810 362 2020-04-27 2020-05-14
4.3
None Remote Medium Not required None None Partial
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
22 CVE-2020-11736 22 Dir. Trav. 2020-04-13 2020-09-14
3.3
None Local Medium Not required None Partial Partial
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
23 CVE-2020-11728 384 2020-04-15 2020-09-28
5.0
None Remote Low Not required Partial None None
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.
24 CVE-2020-11655 665 DoS 2020-04-09 2021-06-14
5.0
None Remote Low Not required None None Partial
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
25 CVE-2020-11620 502 2020-04-07 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).
26 CVE-2020-11619 502 2020-04-07 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
27 CVE-2020-11113 502 2020-03-31 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
28 CVE-2020-11112 502 2020-03-31 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
29 CVE-2020-11111 502 2020-03-31 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
30 CVE-2020-11078 93 2020-05-20 2020-08-19
4.3
None Remote Medium Not required None Partial None
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0.
31 CVE-2020-11008 522 2020-04-21 2020-05-22
5.0
None Remote Low Not required Partial None None
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.
32 CVE-2020-10969 502 2020-03-26 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
33 CVE-2020-10968 502 2020-03-26 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
34 CVE-2020-10803 79 Sql XSS 2020-03-22 2020-11-02
3.5
None Remote Medium ??? None Partial None
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.
35 CVE-2020-10802 89 Sql 2020-03-22 2020-11-02
6.0
None Remote Medium ??? Partial Partial Partial
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.
36 CVE-2020-10757 119 Overflow 2020-06-09 2020-09-15
6.9
None Local Medium Not required Complete Complete Complete
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
37 CVE-2020-10711 476 DoS 2020-05-22 2020-07-29
4.3
None Remote Medium Not required None None Partial
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.
38 CVE-2020-10673 2020-03-18 2021-02-25
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
39 CVE-2020-10672 2020-03-18 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
40 CVE-2020-10663 20 2020-04-28 2021-04-04
5.0
None Remote Low Not required None Partial None
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.
41 CVE-2020-10595 120 Exec Code Overflow 2020-03-31 2020-04-04
7.5
None Remote Low Not required Partial Partial Partial
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.
42 CVE-2020-9548 502 2020-03-02 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
43 CVE-2020-9547 502 2020-03-02 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
44 CVE-2020-9546 502 2020-03-02 2021-02-22
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
45 CVE-2020-9484 502 Exec Code 2020-05-20 2021-06-14
4.4
None Local Medium Not required Partial Partial Partial
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
46 CVE-2020-9359 20 Exec Code 2020-03-24 2020-07-27
6.8
None Remote Medium Not required Partial Partial Partial
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
47 CVE-2020-9274 824 2020-02-26 2020-09-22
5.0
None Remote Low Not required Partial None None
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
48 CVE-2020-8840 502 2020-02-10 2021-02-22
7.5
None Remote Low Not required Partial Partial Partial
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
49 CVE-2020-8608 120 Overflow 2020-02-06 2021-02-14
6.8
None Remote Medium Not required Partial Partial Partial
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
50 CVE-2020-8165 502 2020-06-19 2020-10-17
7.5
None Remote Low Not required Partial Partial Partial
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
Total number of vulnerabilities : 2903   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.