Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-16 | CVE-2020-21535 | Out-of-bounds Read vulnerability in multiple products fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. | 5.5 |
| 2021-09-13 | CVE-2021-41054 | Classic Buffer Overflow vulnerability in multiple products tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | 5.0 |
| 2021-09-09 | CVE-2021-39200 | Information Exposure vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 4.3 |
| 2021-09-09 | CVE-2020-19143 | Out-of-bounds Write vulnerability in multiple products Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'. | 4.3 |
| 2021-09-09 | CVE-2020-19144 | Out-of-bounds Write vulnerability in multiple products Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'. | 4.3 |
| 2021-09-09 | CVE-2021-3761 | Out-of-bounds Write vulnerability in multiple products Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. | 5.0 |
| 2021-09-07 | CVE-2020-19131 | Out-of-bounds Write vulnerability in multiple products Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop". | 5.0 |
| 2021-09-07 | CVE-2021-39257 | Uncontrolled Recursion vulnerability in multiple products A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. | 5.5 |
| 2021-09-05 | CVE-2021-40516 | Out-of-bounds Read vulnerability in multiple products WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin. | 5.0 |
| 2021-09-03 | CVE-2021-39191 | Open Redirect vulnerability in multiple products mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. | 6.1 |