Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2021-12-23 CVE-2021-4067 Use After Free vulnerability in multiple products
Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-12-23 CVE-2021-4068 Improper Encoding or Escaping of Output vulnerability in multiple products
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-116
6.5
2021-12-23 CVE-2021-4078 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-843
8.8
2021-12-23 CVE-2021-4079 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.
network
low complexity
google debian CWE-787
8.8
2021-12-22 CVE-2021-40393 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260).
network
low complexity
gerbv-project debian CWE-787
critical
9.8
2021-12-22 CVE-2021-40394 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260).
network
low complexity
gerbv-project debian CWE-787
critical
9.8
2021-12-22 CVE-2021-37706 PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu asterisk sangoma debian
critical
9.8
2021-12-22 CVE-2021-43804 PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu debian
7.3
2021-12-22 CVE-2021-44733 Race Condition vulnerability in multiple products
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11.
local
high complexity
linux redhat fedoraproject debian netapp CWE-362
7.0
2021-12-20 CVE-2021-44224 NULL Pointer Dereference vulnerability in multiple products
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).
8.2