Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-30 CVE-2021-31873 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in klibc before 2.0.9.
network
low complexity
klibc-project debian CWE-190
critical
 9.8
9.8
2021-04-27 CVE-2019-25035 Out-of-bounds Write vulnerability in multiple products
Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par.
network
low complexity
nlnetlabs debian CWE-787
critical
 9.8
9.8
2021-04-27 CVE-2019-25038 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c.
network
low complexity
nlnetlabs debian CWE-190
critical
 9.8
9.8
2021-04-27 CVE-2019-25033 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro.
network
low complexity
nlnetlabs debian CWE-190
critical
 9.8
9.8
2021-04-27 CVE-2019-25042 Out-of-bounds Write vulnerability in multiple products
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy.
network
low complexity
nlnetlabs debian CWE-787
critical
 9.8
9.8
2021-04-27 CVE-2019-25032 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc.
network
low complexity
nlnetlabs debian CWE-190
critical
 9.8
9.8
2021-04-27 CVE-2019-25034 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write.
network
low complexity
nlnetlabs debian CWE-190
critical
 9.8
9.8
2021-04-27 CVE-2019-25039 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c.
network
low complexity
nlnetlabs debian CWE-190
critical
 9.8
9.8
2021-04-26 CVE-2021-21223 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2021-04-26 CVE-2021-21201 Use After Free vulnerability in multiple products
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
critical
 9.6
9.6