Vulnerabilities > Debian > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-24 | CVE-2021-3711 | Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). | 9.8 |
2021-08-21 | CVE-2021-38171 | Unchecked Return Value vulnerability in multiple products adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. | 9.8 |
2021-08-07 | CVE-2021-38173 | Command Injection vulnerability in multiple products Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. | 9.8 |
2021-07-22 | CVE-2021-35942 | Integer Overflow or Wraparound vulnerability in multiple products The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. | 9.1 |
2021-07-13 | CVE-2021-34552 | Classic Buffer Overflow vulnerability in multiple products Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. | 9.8 |
2021-06-10 | CVE-2021-26691 | Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | 9.8 |
2021-05-27 | CVE-2020-15180 | Command Injection vulnerability in multiple products A flaw was found in the mysql-wsrep component of mariadb. | 9.0 |
2021-05-25 | CVE-2021-33574 | Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. | 9.8 |
2021-05-21 | CVE-2020-36328 | Out-of-bounds Write vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
2021-05-21 | CVE-2020-36329 | Use After Free vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |