Vulnerabilities > Debian > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-23 | CVE-2021-21345 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.9 |
2021-03-23 | CVE-2021-21344 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21342 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.1 |
2021-03-19 | CVE-2021-28834 | Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. | 9.8 |
2021-03-19 | CVE-2021-27928 | Code Injection vulnerability in multiple products A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. | 9.0 |
2021-03-04 | CVE-2020-35636 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. | 9.8 |
2021-03-04 | CVE-2020-35628 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
2021-03-04 | CVE-2020-28636 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
2021-03-04 | CVE-2020-28601 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
2021-02-27 | CVE-2021-3197 | Injection vulnerability in multiple products An issue was discovered in SaltStack Salt before 3002.5. | 9.8 |