Debian: >> Debian Linux >> 8.0 Security Vulnerabilities
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-12-08
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.
CVSS Score
7.4
EPSS Score
0.001
Published
2019-12-06
phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
CVSS Score
9.8
EPSS Score
0.009
Published
2019-12-06
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-12-05
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-12-05
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-12-05
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-12-05
OpenStack nova base images permissions are world readable
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-05
An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0
CVSS Score
9.8
EPSS Score
0.004
Published
2019-12-04
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-03