Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-26 | CVE-2019-16738 | In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. | Debian_linux, Fedora, Mediawiki | 5.3 | ||
| 2019-09-26 | CVE-2019-10092 | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. | Http_server, Ubuntu_linux, Debian_linux, Fedora, Clustered_data_ontap, Leap, Communications_element_manager, Enterprise_manager_ops_center, Secure_global_desktop, Software_collection | 6.1 | ||
| 2019-09-26 | CVE-2019-16869 | Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. | Ubuntu_linux, Debian_linux, Netty, Jboss_enterprise_application_platform | 7.5 | ||
| 2019-09-27 | CVE-2019-8075 | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | Flash_player, Flash_player_desktop_runtime, Debian_linux, Fedora, Chrome | 7.5 | ||
| 2019-09-27 | CVE-2019-9232 | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 7.5 | ||
| 2019-09-27 | CVE-2019-9278 | In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 8.8 | ||
| 2019-09-27 | CVE-2019-9325 | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-27 | CVE-2019-9371 | In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-27 | CVE-2019-9433 | In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-28 | CVE-2019-16935 | The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | Ubuntu_linux, Debian_linux, Python | 6.1 |