Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-01 CVE-2021-33582 Algorithmic Complexity vulnerability in multiple products
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction.
network
low complexity
cyrus fedoraproject debian CWE-407
7.5
7.5
2021-08-31 CVE-2021-37701 The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens
8.6
8.6
2021-08-31 CVE-2021-37712 The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens
8.6
8.6
2021-08-31 CVE-2021-40330 git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
network
low complexity
git-scm debian
7.5
7.5
2021-08-30 CVE-2020-35633 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal debian
8.8
8.8
2021-08-30 CVE-2020-35634 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal debian
8.8
8.8
2021-08-30 CVE-2020-35635 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read.
network
low complexity
cgal debian
8.8
8.8
2021-08-27 CVE-2021-28697 Race Condition vulnerability in multiple products
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory.
local
low complexity
xen fedoraproject debian CWE-362
7.8
7.8
2021-08-27 CVE-2021-23434 Type Confusion vulnerability in multiple products
This affects the package object-path before 0.11.6.
network
low complexity
object-path-project debian CWE-843
8.6
8.6
2021-08-27 CVE-2021-40153 Path Traversal vulnerability in multiple products
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. 		8.1
8.1