Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2020-36421 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.23.0. | 5.3 |
| 2021-07-19 | CVE-2020-36422 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.23.0. | 5.3 |
| 2021-07-19 | CVE-2020-36424 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.24.0. | 4.7 |
| 2021-07-19 | CVE-2020-36425 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.24.0. | 5.3 |
| 2021-07-15 | CVE-2021-32743 | Exposure of Sensitive Data Through Data Queries vulnerability in multiple products Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. | 6.5 |
| 2021-07-15 | CVE-2021-32739 | Privilege Defined With Unsafe Actions vulnerability in multiple products Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. | 6.5 |
| 2021-07-14 | CVE-2021-36740 | HTTP Request Smuggling vulnerability in multiple products Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. network low complexity varnish-cache varnish-cache-project varnish-software fedoraproject debian CWE-444 | 6.5 |
| 2021-07-14 | CVE-2021-24119 | Information Exposure Through Discrepancy vulnerability in multiple products In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | 4.9 |
| 2021-07-13 | CVE-2020-19716 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS). | 6.5 |
| 2021-07-13 | CVE-2021-31810 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. | 5.8 |