Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-09 CVE-2021-37621 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-37622 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-32815 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-34334 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-08 CVE-2021-38198 arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
local
low complexity
linux debian
5.5
5.5
2021-08-08 CVE-2021-38199 fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
low complexity
linux netapp debian
6.5
6.5
2021-08-08 CVE-2021-38204 Use After Free vulnerability in multiple products
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
low complexity
linux debian CWE-416
6.8
6.8
2021-08-08 CVE-2021-36221 Race Condition vulnerability in multiple products
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
network
high complexity
golang fedoraproject debian oracle siemens CWE-362
5.9
5.9
2021-08-07 CVE-2021-38165 Insufficiently Protected Credentials vulnerability in multiple products
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
network
high complexity
lynx-project debian fedoraproject CWE-522
5.3
5.3
2021-08-05 CVE-2021-3566 Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it.
local
low complexity
ffmpeg debian
5.5
5.5