Vulnerabilities > Debian

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-18	CVE-2021-39928	NULL Pointer Dereference vulnerability in multiple products NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-476	7.5
2021-11-17	CVE-2021-43975	Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. local low complexity linux fedoraproject debian netapp CWE-787	6.7
2021-11-17	CVE-2021-43976	In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). low complexity linux fedoraproject debian netapp oracle	4.6
2021-11-15	CVE-2021-22959	HTTP Request Smuggling vulnerability in multiple products The parser in accepts requests with a space (SP) right after the header name before the colon. network low complexity llhttp oracle debian CWE-444	6.5
2021-11-15	CVE-2021-43618	Integer Overflow or Wraparound vulnerability in multiple products GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. network low complexity gmplib debian netapp CWE-190	7.5
2021-11-13	CVE-2021-3918	json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') network low complexity json-schema-project debian critical	9.8
2021-11-12	CVE-2021-41229	Memory Leak vulnerability in multiple products BlueZ is a Bluetooth protocol stack for Linux. low complexity bluez debian CWE-401	6.5
2021-11-12	CVE-2021-43331	Cross-site Scripting vulnerability in multiple products In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. network low complexity gnu debian CWE-79	6.1
2021-11-12	CVE-2021-43332	Insufficiently Protected Credentials vulnerability in multiple products In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. network low complexity gnu debian CWE-522	6.5
2021-11-11	CVE-2021-3907	Path Traversal vulnerability in multiple products OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. network low complexity cloudflare debian CWE-22 critical	9.8

Vulnerabilities > Debian {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Debian"}]}

Vulnerabilities > Debian