Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-3679 | Infinite Loop vulnerability in multiple products A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. | 5.5 |
| 2021-08-04 | CVE-2021-38114 | Unchecked Return Value vulnerability in multiple products libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. | 5.5 |
| 2021-08-02 | CVE-2021-34556 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | 5.5 |
| 2021-08-02 | CVE-2021-35477 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. | 5.5 |
| 2021-07-23 | CVE-2021-32686 | PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. | 5.9 |
| 2021-07-22 | CVE-2021-1093 | Improper Resource Shutdown or Release vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. | 5.5 |
| 2021-07-22 | CVE-2021-1094 | Out-of-bounds Read vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | 6.1 |
| 2021-07-22 | CVE-2021-1095 | NULL Pointer Dereference vulnerability in multiple products NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. | 5.5 |
| 2021-07-21 | CVE-2021-37159 | Use After Free vulnerability in multiple products hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | 6.4 |
| 2021-07-21 | CVE-2020-19609 | Out-of-bounds Write vulnerability in multiple products Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | 5.5 |