Vulnerabilities > Debian

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-30	CVE-2021-21409	HTTP Request Smuggling vulnerability in multiple products Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. network high complexity netty debian netapp oracle quarkus CWE-444	5.9
2021-03-30	CVE-2021-29376	ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the victim from an IRC server) via a crafted CTCP UTC message. network low complexity eterna debian	5.0
2021-03-29	CVE-2021-23358	Code Injection vulnerability in multiple products The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. network low complexity underscorejs debian tenable fedoraproject CWE-94	7.2
2021-03-26	CVE-2021-29265	Race Condition vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.7. local linux debian CWE-362	4.7
2021-03-26	CVE-2021-29264	An issue was discovered in the Linux kernel through 5.11.10. local linux debian	4.7
2021-03-25	CVE-2021-3449	NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. network high complexity openssl debian freebsd netapp tenable fedoraproject mcafee checkpoint oracle sonicwall siemens nodejs CWE-476	5.9
2021-03-25	CVE-2020-1946	OS Command Injection vulnerability in multiple products In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. network low complexity apache debian fedoraproject CWE-78 critical	9.8
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-23	CVE-2021-3392	Use After Free vulnerability in multiple products A use-after-free flaw was found in the MegaRAID emulator of QEMU. local low complexity qemu fedoraproject debian CWE-416	3.2
2021-03-23	CVE-2021-3444	Incorrect Conversion between Numeric Types vulnerability in multiple products The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. local low complexity linux debian canonical CWE-681	4.6

Vulnerabilities > Debian {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Debian"}]}

Vulnerabilities > Debian