Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-04 | CVE-2021-43389 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.14.15. | 5.5 |
| 2021-11-03 | CVE-2021-22960 | HTTP Request Smuggling vulnerability in multiple products The parse function in llhttp < 2.1.4 and < 6.0.6. | 6.5 |
| 2021-11-03 | CVE-2021-40985 | Out-of-bounds Read vulnerability in multiple products A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. | 5.5 |
| 2021-11-03 | CVE-2021-37147 | Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-37148 | Improper Input Validation vulnerability in multiple products Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-37149 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-38161 | Improper Authentication vulnerability in multiple products Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. | 8.1 |
| 2021-11-03 | CVE-2021-38496 | Use After Free vulnerability in multiple products During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. | 8.8 |
| 2021-11-03 | CVE-2021-38500 | Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. | 8.8 |
| 2021-11-03 | CVE-2021-38502 | Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. | 5.9 |