Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-06-10 CVE-2021-26691 Out-of-bounds Write vulnerability in multiple products
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
network
low complexity
apache debian fedoraproject oracle netapp CWE-787
critical
 9.8
9.8
2021-06-09 CVE-2021-33833 Out-of-bounds Write vulnerability in multiple products
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
network
low complexity
intel debian CWE-787
critical
 9.8
9.8
2021-06-06 CVE-2017-20005 Integer Overflow or Wraparound vulnerability in multiple products
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
network
low complexity
f5 debian CWE-190
critical
 9.8
9.8
2021-05-27 CVE-2020-15180 Command Injection vulnerability in multiple products
A flaw was found in the mysql-wsrep component of mariadb.
network
high complexity
mariadb debian percona galeracluster CWE-77
critical
 9.0
9.0
2021-05-25 CVE-2021-33574 Use After Free vulnerability in multiple products
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.
network
low complexity
gnu fedoraproject netapp debian CWE-416
critical
 9.8
9.8
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
 9.1
9.1
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
critical
 9.1
9.1
2021-05-21 CVE-2020-36329 Use After Free vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-416
critical
 9.8
9.8
2021-05-21 CVE-2020-36328 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-787
critical
 9.8
9.8
2021-05-06 CVE-2021-20204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases.
network
low complexity
getdata-project debian fedoraproject CWE-119
critical
 9.8
9.8