Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-27 | CVE-2021-28697 | Race Condition vulnerability in multiple products grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. | 7.8 |
| 2021-08-27 | CVE-2021-28698 | Infinite Loop vulnerability in multiple products long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. | 5.5 |
| 2021-08-27 | CVE-2021-28699 | inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. | 5.5 |
| 2021-08-27 | CVE-2021-28700 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. | 4.9 |
| 2021-08-27 | CVE-2020-23226 | Cross-site Scripting vulnerability in multiple products Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. | 6.1 |
| 2021-08-27 | CVE-2021-23434 | Type Confusion vulnerability in multiple products This affects the package object-path before 0.11.6. | 8.6 |
| 2021-08-27 | CVE-2021-40153 | Path Traversal vulnerability in multiple products squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. | 8.1 |
| 2021-08-25 | CVE-2021-21834 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. | 8.8 |
| 2021-08-25 | CVE-2021-21836 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. | 8.8 |
| 2021-08-25 | CVE-2021-21840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. | 8.8 |