Vulnerabilities > Debian > Debian Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2021-06-15 CVE-2021-3592 Access of Uninitialized Pointer vulnerability in multiple products
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU.
3.8
2021-06-11 CVE-2021-22898 Missing Initialization of Resource vulnerability in multiple products
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers.
3.1
2021-06-09 CVE-2020-24513 Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian siemens
2.1
2021-06-09 CVE-2020-24512 Information Exposure Through Discrepancy vulnerability in multiple products
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-203
2.1
2021-06-09 CVE-2020-24511 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-668
2.1
2021-06-09 CVE-2021-26313 Information Exposure Through Discrepancy vulnerability in multiple products
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
local
low complexity
xen arm broadcom intel debian CWE-203
2.1
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
2.1
2021-06-02 CVE-2018-10195 Integer Overflow or Wraparound vulnerability in multiple products
lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
local
low complexity
lrzsz-project suse debian CWE-190
3.6
2021-05-28 CVE-2020-35505 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0.
local
low complexity
qemu debian CWE-476
2.1
2021-05-28 CVE-2020-35504 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.
local
low complexity
qemu fedoraproject debian CWE-476
2.1