Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-19 | CVE-2021-40690 | All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. | 7.5 |
| 2021-09-19 | CVE-2021-41073 | Release of Invalid Pointer or Reference vulnerability in multiple products loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. | 7.8 |
| 2021-09-17 | CVE-2021-3803 | nth-check is vulnerable to Inefficient Regular Expression Complexity | 7.5 |
| 2021-09-17 | CVE-2021-3805 | object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | 7.5 |
| 2021-09-16 | CVE-2020-21596 | Classic Buffer Overflow vulnerability in multiple products libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file. | 6.5 |
| 2021-09-16 | CVE-2020-21597 | Out-of-bounds Write vulnerability in multiple products libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file. | 6.5 |
| 2021-09-16 | CVE-2020-21598 | Out-of-bounds Write vulnerability in multiple products libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. | 8.8 |
| 2021-09-16 | CVE-2020-21599 | Out-of-bounds Write vulnerability in multiple products libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file. | 6.5 |
| 2021-09-16 | CVE-2020-21529 | Out-of-bounds Write vulnerability in multiple products fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c. | 5.5 |
| 2021-09-16 | CVE-2020-21530 | fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. | 5.5 |