Vulnerabilities > Debian > Debian Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-01 | CVE-2021-36045 | Out-of-bounds Read vulnerability in multiple products XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. | 3.3 |
| 2021-08-08 | CVE-2021-38205 | Access of Uninitialized Pointer vulnerability in multiple products drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). | 3.3 |
| 2021-08-05 | CVE-2021-3655 | Improper Input Validation vulnerability in multiple products A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. | 3.3 |
| 2021-08-05 | CVE-2021-22924 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. | 3.7 |
| 2021-07-21 | CVE-2021-2341 | Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). | 3.1 |
| 2021-06-22 | CVE-2021-34428 | Insufficient Session Expiration vulnerability in multiple products For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. | 3.5 |
| 2021-06-18 | CVE-2020-18442 | Infinite Loop vulnerability in multiple products Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". | 3.3 |
| 2021-06-15 | CVE-2021-3595 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2021-06-15 | CVE-2021-3594 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2021-06-15 | CVE-2021-3593 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |