Vulnerabilities > Debian > Debian Linux
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-07 | CVE-2021-42717 | Uncontrolled Recursion vulnerability in multiple products. ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. | 7.5 |
2021-12-06 | CVE-2021-43784 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 5.0 |
2021-12-06 | CVE-2021-4069 | vim is vulnerable to Use After Free | 7.8 |
2021-12-02 | CVE-2021-44227 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products. In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. | 8.8 |
2021-12-01 | CVE-2021-3984 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
2021-12-01 | CVE-2021-4019 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
2021-11-29 | CVE-2019-8921 | Insufficient Verification of Data Authenticity vulnerability in multiple products. An issue was discovered in bluetoothd in BlueZ through 5.48. | 6.5 |
2021-11-29 | CVE-2019-8922 | Out-of-bounds Write vulnerability in multiple products. A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. | 8.8 |
2021-11-29 | CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. | 5.3 |
2021-11-24 | CVE-2021-28705 | Improper Handling of Exceptional Conditions vulnerability in multiple products. Issues with partially successful P2M updates on x86. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. | 7.8 |