Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2020-25467 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file. | 5.5 |
| 2021-06-10 | CVE-2021-27345 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file. | 5.5 |
| 2021-06-10 | CVE-2021-27347 | Use After Free vulnerability in multiple products Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. | 5.5 |
| 2021-06-10 | CVE-2020-13950 | NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service | 7.5 |
| 2021-06-10 | CVE-2020-35452 | Out-of-bounds Write vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. | 7.3 |
| 2021-06-10 | CVE-2021-26690 | NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service | 7.5 |
| 2021-06-10 | CVE-2021-26691 | Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | 9.8 |
| 2021-06-10 | CVE-2021-30641 | Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | 5.3 |
| 2021-06-09 | CVE-2020-24489 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. | 8.8 |
| 2021-06-09 | CVE-2021-0089 | Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |