Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
9.1
2021-05-06 CVE-2021-20204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases.
network
low complexity
getdata-project debian fedoraproject CWE-119
critical
9.8
2021-04-30 CVE-2021-31873 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in klibc before 2.0.9.
network
low complexity
klibc-project debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25039 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25034 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25032 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25042 Out-of-bounds Write vulnerability in multiple products
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy.
network
low complexity
nlnetlabs debian CWE-787
critical
9.8
2021-04-27 CVE-2019-25033 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25038 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25035 Out-of-bounds Write vulnerability in multiple products
Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par.
network
low complexity
nlnetlabs debian CWE-787
critical
9.8