Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-10 | CVE-2021-0326 | Out-of-bounds Write vulnerability in multiple products In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. | 7.5 |
2021-02-10 | CVE-2021-27135 | xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. | 9.8 |
2021-02-10 | CVE-2020-36244 | Out-of-bounds Write vulnerability in multiple products The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6). | 9.8 |
2021-02-09 | CVE-2021-26937 | Argument Injection or Modification vulnerability in multiple products encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | 9.8 |
2021-02-09 | CVE-2021-26676 | gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. | 3.3 |
2021-02-09 | CVE-2021-26675 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. | 5.8 |
2021-02-09 | CVE-2021-21148 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-02-08 | CVE-2021-26910 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation. | 6.9 |
2021-02-08 | CVE-2021-21290 | Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.5 |
2021-02-06 | CVE-2021-20176 | A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. | 5.5 |