Package : unbound
CVE ID : CVE-2020-12662 CVE-2020-12663
Two vulnerabiliites have been discovered in Unbound, a recursive-only caching DNS server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and…
Package : drupal7
CVE ID : CVE-2020-11022 CVE-2020-11023 SA-CORE-2020-003
Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.
Package : netqmail
CVE ID : CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811
Debian Bug : 961060
Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail (shipped in Debian as netqmail…
Package : pdns-recursor
CVE ID : CVE-2020-10955 CVE-2020-12244
Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and…
Package : dovecot
CVE ID : CVE-2020-10957 CVE-2020-10958 CVE-2020-10967
Debian Bug : 960963
Several vulnerabilities were discovered in the Dovecot email server, which could cause crashes in the submission, submission-login or lmtp…
Package : bind9
CVE ID : CVE-2019-6477 CVE-2020-8616 CVE-2020-8617
Debian Bug : 945171
Several vulnerabilities were discovered in BIND, a DNS server implementation.
It was discovered that TCP-pipelined queries can bypass…
Package : dpdk
CVE ID : CVE-2020-10722 CVE-2020-10723 CVE-2020-10724
Multiple vulnerabilities were discovered in the vhost code of DPDK, a set of libraries for fast packet processing, which could result in denial of service or the execution…
Package : exim4
CVE ID : CVE-2020-12783
It was discovered that exim4, a mail transport agent, suffers from a authentication bypass vulnerability in the spa authentication driver.
The spa authentication driver is not enabled by default.
Package : apache-log4j1.2
CVE ID : CVE-2019-17571
Debian Bug : 947124
It was discovered that the SocketServer class included in apache-log4j1.2, a logging library for java, is vulnerable to deserialization of untrusted data. An attacker…
Package : apt
CVE ID : CVE-2020-3810
Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files.