Debian Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-16	CVE-2021-33813	XXE vulnerability in multiple products An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. network low complexity jdom apache debian fedoraproject oracle CWE-611	7.5
2021-06-15	CVE-2021-30547	Out-of-bounds Write vulnerability in multiple products Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google debian fedoraproject mozilla CWE-787	8.8
2021-06-15	CVE-2021-3592	Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat debian fedoraproject CWE-824	3.8
2021-06-15	CVE-2021-3593	Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat fedoraproject debian CWE-824	3.8
2021-06-15	CVE-2021-3594	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat debian fedoraproject	3.8
2021-06-15	CVE-2021-3595	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat debian fedoraproject	3.8
2021-06-15	CVE-2021-31618	NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. network low complexity apache fedoraproject debian oracle CWE-476	7.5
2021-06-14	CVE-2021-34693	Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. local low complexity linux debian CWE-909	5.5
2021-06-11	CVE-2021-22895	Improper Certificate Validation vulnerability in multiple products Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. network high complexity nextcloud debian CWE-295	5.9
2021-06-11	CVE-2021-22898	Missing Initialization of Resource vulnerability in multiple products curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. network high complexity haxx debian fedoraproject oracle siemens splunk CWE-909	3.1