Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2021-08-18 CVE-2021-21858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
low complexity
gpac debian CWE-119
8.8
8.8
2021-08-17 CVE-2021-39240 An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
7.5
7.5
2021-08-17 CVE-2021-39241 An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
5.3
5.3
2021-08-17 CVE-2021-39242 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject CWE-755
7.5
7.5
2021-08-16 CVE-2021-21859 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
low complexity
gpac debian CWE-190
8.8
8.8
2021-08-16 CVE-2021-21860 Incorrect Conversion between Numeric Types vulnerability in multiple products
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
low complexity
gpac debian CWE-681
8.8
8.8
2021-08-16 CVE-2021-21861 Incorrect Conversion between Numeric Types vulnerability in multiple products
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
low complexity
gpac debian CWE-681
8.8
8.8
2021-08-16 CVE-2021-22939 Improper Certificate Validation vulnerability in multiple products
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.
network
low complexity
nodejs oracle netapp siemens debian CWE-295
5.3
5.3
2021-08-16 CVE-2021-22940 Use After Free vulnerability in multiple products
Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
network
low complexity
nodejs oracle netapp siemens debian CWE-416
7.5
7.5
2021-08-13 CVE-2021-37695 ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor debian fedoraproject oracle
5.4
5.4