Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-16 CVE-2021-21191 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2021-03-15 CVE-2021-22191 Injection vulnerability in multiple products
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
network
low complexity
wireshark oracle debian CWE-74
8.8
8.8
2021-03-15 CVE-2021-28374 Incorrect Permission Assignment for Critical Resource vulnerability in Debian Courier-Authlib and Debian Linux
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information.
network
low complexity
debian CWE-732
7.5
7.5
2021-03-12 CVE-2020-36281 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
network
low complexity
leptonica debian fedoraproject CWE-125
7.5
7.5
2021-03-12 CVE-2020-36279 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.
network
low complexity
leptonica fedoraproject debian CWE-125
7.5
7.5
2021-03-12 CVE-2020-36278 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
network
low complexity
leptonica fedoraproject debian CWE-125
7.5
7.5
2021-03-11 CVE-2020-36277 Always-Incorrect Control Flow Implementation vulnerability in multiple products
Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
network
low complexity
leptonica fedoraproject debian CWE-670
7.5
7.5
2021-03-11 CVE-2021-21381 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
local
low complexity
flatpak debian fedoraproject
8.2
8.2
2021-03-10 CVE-2021-21772 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0.
network
high complexity
3mf fedoraproject debian CWE-416
8.1
8.1
2021-03-10 CVE-2020-13936 An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache debian oracle
8.8
8.8