Debian: >> Debian Linux Security Vulnerabilities
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.074
Published
2019-12-10
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.013
Published
2019-12-10
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.031
Published
2019-12-10
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
CVSS Score
9.8
EPSS Score
0.009
Published
2019-12-10
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
CVSS Score
9.8
EPSS Score
0.001
Published
2019-12-10
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
CVSS Score
9.8
EPSS Score
0.008
Published
2019-12-10
kde-workspace before 4.10.5 has a memory leak in plasma desktop
CVSS Score
7.5
EPSS Score
0.02
Published
2019-12-10
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
CVSS Score
5.5
EPSS Score
0.0
Published
2019-12-10
yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
CVSS Score
6.1
EPSS Score
0.01
Published
2019-12-10
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-12-08