Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-09 | CVE-2021-0089 | Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
2021-06-09 | CVE-2021-0129 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | 5.7 |
2021-06-09 | CVE-2021-33829 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled. | 6.1 |
2021-06-09 | CVE-2021-28169 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. | 5.3 |
2021-06-08 | CVE-2021-23215 | Resource Exhaustion vulnerability in multiple products An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. | 5.5 |
2021-06-08 | CVE-2021-26260 | Resource Exhaustion vulnerability in multiple products An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. | 5.5 |
2021-06-08 | CVE-2021-3564 | Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. | 5.5 |
2021-06-07 | CVE-2021-22222 | Infinite Loop vulnerability in multiple products Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file | 5.0 |
2021-06-04 | CVE-2021-33054 | Improper Verification of Cryptographic Signature vulnerability in multiple products SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. | 5.0 |
2021-06-02 | CVE-2020-22054 | Memory Leak vulnerability in multiple products A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c. | 6.5 |