Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-08-07 | CVE-2020-9490 | Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. | Http_server, Apache_http_server | 7.5 | ||
2020-08-11 | CVE-2020-17367 | Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. | Debian_linux, Fedora, Firejail, Leap | 7.8 | ||
2020-08-11 | CVE-2020-17368 | Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. | Debian_linux, Fedora, Firejail, Leap | 9.8 | ||
2020-08-12 | CVE-2020-12100 | In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. | Ubuntu_linux, Debian_linux, Dovecot, Fedora | 7.5 | ||
2020-08-12 | CVE-2020-12673 | In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. | Ubuntu_linux, Debian_linux, Dovecot, Fedora | 7.5 | ||
2020-08-12 | CVE-2020-12674 | In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. | Ubuntu_linux, Debian_linux, Dovecot, Fedora | 7.5 | ||
2020-08-12 | CVE-2020-17507 | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. | Debian_linux, Fedora, Qt | 5.3 | ||
2020-08-13 | CVE-2020-16287 | A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | Ghostscript, Ubuntu_linux, Debian_linux | 5.5 | ||
2020-08-13 | CVE-2020-16288 | A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | Ghostscript, Ubuntu_linux, Debian_linux | 5.5 | ||
2020-08-13 | CVE-2020-16289 | A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | Ghostscript, Ubuntu_linux, Debian_linux | 5.5 |