Vulnerabilities > Debian > Debian Linux > 9.0

DATE CVE VULNERABILITY TITLE RISK
2021-06-06 CVE-2017-20005 Integer Overflow OR Wraparound vulnerability in multiple products
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
network
low complexity
nginx debian CWE-190
7.5
2021-06-02 CVE-2019-12067 Null Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian CWE-476
2.1
2021-06-01 CVE-2021-3516 USE After Free vulnerability in multiple products
There's a flaw in libxml2's xmllint in versions before 2.9.11.
6.8
2021-05-28 CVE-2020-25710 Reachable Assertion vulnerability in multiple products
A flaw was found in OpenLDAP in versions before 2.4.56.
network
low complexity
openldap redhat debian fedoraproject CWE-617
5.0
2021-05-27 CVE-2020-15180 Static Code Injection vulnerability in multiple products
A flaw was found in the mysql-wsrep component of mariadb.
6.8
2021-05-26 CVE-2021-25217 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC.
low complexity
isc fedoraproject debian CWE-119
3.3
2021-05-26 CVE-2020-27815 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian CWE-119
6.1
2021-05-26 CVE-2020-25668 USE After Free vulnerability in multiple products
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
6.9
2021-05-26 CVE-2020-25669 USE After Free vulnerability in multiple products
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed.
local
low complexity
linux debian CWE-416
7.2
2021-05-20 CVE-2021-3426 Information Exposure vulnerability in multiple products
There's a flaw in Python 3's pydoc.
2.7