Debian Linux vulnerabilities

CVE-2020-26237 [HIGH] CWE-471 CVE-2020-26237: Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow users to insert custom HTML code blocks into your page/app v

CVE-2020-28928 [MEDIUM] CWE-787 CVE-2020-28928: In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).

CVE-2020-28984 [CRITICAL] CVE-2020-28984: prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the cou prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.

CVE-2019-14575 [HIGH] CVE-2019-14575: Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potential Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-14586 [HIGH] CWE-416 CVE-2019-14586: Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalat Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.

CVE-2019-14563 [HIGH] CWE-681 CVE-2019-14563: Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of pri Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2020-25696 [HIGH] CWE-183 CVE-2020-25696: A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5 A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from th

CVE-2019-14587 [MEDIUM] CVE-2019-14587: Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adj Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVE-2020-28896 [MEDIUM] CWE-287 CVE-2020-28896: Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted connection, or to a ma

CVE-2019-14562 [MEDIUM] CWE-190 CVE-2019-14562: Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentia Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.

CVE-2020-0569 [MEDIUM] CWE-787 CVE-2020-0569: Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticat Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

CVE-2020-19667 [HIGH] CWE-787 CVE-2020-19667: Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7. Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.

CVE-2020-20740 [HIGH] CWE-787 CVE-2020-20740: PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_ver PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().

CVE-2020-28974 [MEDIUM] CWE-125 CVE-2020-28974: A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.

CVE-2020-20739 [MEDIUM] CWE-909 CVE-2020-20739: im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.

CVE-2019-20933 [CRITICAL] CWE-287 CVE-2019-20933: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in ser InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

CVE-2020-28949 [HIGH] CVE-2020-28949: Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

CVE-2020-28948 [HIGH] CWE-502 CVE-2020-28948: Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is no Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

CVE-2020-28941 [MEDIUM] CWE-763 CVE-2020-28941: An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9 An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.

CVE-2020-26215 [MEDIUM] CWE-601 CVE-2020-26215: Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook serve