Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-01-03 | CVE-2020-5312 | libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. | Ubuntu_linux, Debian_linux, Fedora, Pillow | 9.8 | ||
2020-01-03 | CVE-2020-5313 | libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. | Ubuntu_linux, Debian_linux, Fedora, Pillow | 7.1 | ||
2020-01-03 | CVE-2019-20330 | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. | Debian_linux, Jackson\-Databind, Active_iq_unified_manager, Oncommand_api_services, Service_level_manager, Snapcenter, Steelstore_cloud_integrated_storage, Banking_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_network_slice_selection_function, Communications_contacts_server, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Customer_management_and_segmentation_foundation, Enterprise_manager_base_platform, Global_lifecycle_management_opatch, Goldengate_application_adapters, Goldengate_stream_analytics, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_xstore_point_of_service, Siebel_engineering_\-_installer_\&_deployment, Siebel_ui_framework, Trace_file_analyzer, Webcenter_portal, Weblogic_server | 9.8 | ||
2020-01-05 | CVE-2019-19911 | There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer. | Ubuntu_linux, Debian_linux, Fedora, Pillow | 7.5 | ||
2020-01-08 | CVE-2019-5188 | A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. | Ubuntu_linux, Debian_linux, E2fsprogs, Fedora, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Leap | 6.7 | ||
2020-01-08 | CVE-2019-20367 | nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). | Ubuntu_linux, Debian_linux, Libbsd, Leap | 9.1 | ||
2020-01-10 | CVE-2019-13767 | Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle | 8.8 | ||
2020-01-10 | CVE-2020-6377 | Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap, Enterprise_linux_desktop, Enterprise_linux_workstation | 8.8 | ||
2020-01-13 | CVE-2020-6851 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | Debian_linux, Fedora, Georaster, Outside_in_technology, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openjpeg | 7.5 | ||
2020-01-16 | CVE-2020-7045 | In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes. | Debian_linux, Wireshark | 6.5 |