Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-16 | CVE-2021-31348 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libezxml.a in ezXML 0.8.6. | 4.3 |
| 2021-04-16 | CVE-2021-31347 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products An issue was discovered in libezxml.a in ezXML 0.8.6. | 4.3 |
| 2021-04-15 | CVE-2021-29450 | Information Exposure vulnerability in multiple products Wordpress is an open source CMS. | 4.0 |
| 2021-04-15 | CVE-2021-29447 | XXE vulnerability in multiple products Wordpress is an open source CMS. | 6.5 |
| 2021-04-15 | CVE-2021-31229 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in libezxml.a in ezXML 0.8.6. | 4.3 |
| 2021-04-14 | CVE-2021-29338 | Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). | 5.5 |
| 2021-04-14 | CVE-2020-36322 | Incomplete Cleanup vulnerability in multiple products An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. | 5.5 |
| 2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |
| 2021-04-11 | CVE-2021-30485 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in libezxml.a in ezXML 0.8.6. | 4.3 |
| 2021-04-09 | CVE-2021-30159 | An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 4.3 |