Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2020-27823 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder.
local
low complexity
uclouvain fedoraproject debian CWE-120
7.8
7.8
2021-05-13 CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2021-05-12 CVE-2021-23134 Use After Free vulnerability in multiple products
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges.
local
low complexity
linux fedoraproject debian CWE-416
7.8
7.8
2021-05-12 CVE-2020-27840 Out-of-bounds Read vulnerability in multiple products
A flaw was found in samba.
network
low complexity
samba debian fedoraproject CWE-125
7.5
7.5
2021-05-12 CVE-2021-20277 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-787
7.5
7.5
2021-05-11 CVE-2021-20309 A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-20312 A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-20313 A flaw was found in ImageMagick in versions before 7.0.11.
network
low complexity
imagemagick debian
7.5
7.5
2021-05-11 CVE-2021-29509 Resource Exhaustion vulnerability in multiple products
Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications.
network
low complexity
puma debian CWE-400
7.5
7.5
2021-05-05 CVE-2021-31542 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
network
low complexity
djangoproject debian fedoraproject CWE-22
7.5
7.5