Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-0129 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | 5.7 |
| 2021-06-09 | CVE-2020-24511 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
| 2021-06-09 | CVE-2020-24512 | Information Exposure Through Discrepancy vulnerability in multiple products Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 3.3 |
| 2021-06-09 | CVE-2020-24513 | Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
| 2021-06-09 | CVE-2021-33833 | Out-of-bounds Write vulnerability in multiple products ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA). | 9.8 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 5.5 |
| 2021-06-09 | CVE-2021-33829 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled. | 6.1 |
| 2021-06-09 | CVE-2021-28169 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. | 5.3 |
| 2021-06-08 | CVE-2021-22116 | Improper Input Validation vulnerability in multiple products RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. | 7.5 |
| 2021-06-08 | CVE-2021-23215 | An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. | 5.5 |