Debian: >> Debian Linux >> 8.0 Security Vulnerabilities
WebApp JSP Snoop page XSS in jetty though 6.1.21.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-11-06
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-11-06
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-11-06
archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition.
CVSS Score
8.1
EPSS Score
0.003
Published
2019-11-06
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
CVSS Score
5.1
EPSS Score
0.001
Published
2019-11-05
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
CVSS Score
5.9
EPSS Score
0.129
Published
2019-11-05
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
CVSS Score
6.5
EPSS Score
0.019
Published
2019-11-05
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CVSS Score
6.5
EPSS Score
0.025
Published
2019-11-05
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
CVSS Score
6.5
EPSS Score
0.02
Published
2019-11-05
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book
CVSS Score
8.8
EPSS Score
0.023
Published
2019-11-05