Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
critical
9.1
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
9.1
2021-05-06 CVE-2021-20204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases.
network
low complexity
getdata-project debian fedoraproject CWE-119
critical
9.8
2021-04-30 CVE-2021-31872 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in klibc before 2.0.9.
network
low complexity
klibc-project debian CWE-190
critical
9.8
2021-04-30 CVE-2021-31873 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in klibc before 2.0.9.
network
low complexity
klibc-project debian CWE-190
critical
9.8
2021-04-30 CVE-2021-31870 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in klibc before 2.0.9.
network
low complexity
klibc-project debian CWE-190
critical
9.8
2021-04-29 CVE-2021-25216 Out-of-bounds Read vulnerability in multiple products
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features.
network
low complexity
debian isc siemens netapp CWE-125
critical
9.8
2021-04-27 CVE-2019-25039 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25034 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8
2021-04-27 CVE-2019-25032 Integer Overflow or Wraparound vulnerability in multiple products
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc.
network
low complexity
nlnetlabs debian CWE-190
critical
9.8