Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2021-05-12 CVE-2020-27840 A flaw was found in samba.
network
low complexity
samba debian fedoraproject
7.5
7.5
2021-05-12 CVE-2021-20277 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-787
7.5
7.5
2021-05-11 CVE-2021-20309 A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-20312 A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-20313 A flaw was found in ImageMagick in versions before 7.0.11.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-29509 Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications.
network
low complexity
puma debian
7.5
7.5
2021-05-10 CVE-2021-32399 Race Condition vulnerability in multiple products
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
local
high complexity
linux debian netapp CWE-362
7.0
7.0
2021-05-05 CVE-2021-31542 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
network
low complexity
djangoproject debian fedoraproject CWE-22
7.5
7.5
2021-04-30 CVE-2021-21227 Out-of-bounds Write vulnerability in multiple products
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
8.8