Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-32493 Out-of-bounds Write vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-787
7.8
2021-06-24 CVE-2021-3500 A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian
7.8
2021-06-16 CVE-2021-33813 XXE vulnerability in multiple products
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.
network
low complexity
jdom apache debian fedoraproject oracle CWE-611
7.5
2021-06-15 CVE-2021-30547 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google debian fedoraproject mozilla CWE-787
8.8
2021-06-15 CVE-2021-31618 NULL Pointer Dereference vulnerability in multiple products
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well.
network
low complexity
apache fedoraproject debian oracle CWE-476
7.5
2021-06-10 CVE-2020-13950 NULL Pointer Dereference vulnerability in multiple products
Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service
network
low complexity
apache debian fedoraproject oracle CWE-476
7.5
2021-06-10 CVE-2020-35452 Out-of-bounds Write vulnerability in multiple products
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest.
network
low complexity
apache debian fedoraproject oracle CWE-787
7.3
2021-06-10 CVE-2021-26690 NULL Pointer Dereference vulnerability in multiple products
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
network
low complexity
apache debian fedoraproject oracle CWE-476
7.5
2021-06-09 CVE-2020-24489 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel debian CWE-459
8.8
2021-06-08 CVE-2021-22116 Improper Input Validation vulnerability in multiple products
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint.
network
low complexity
vmware debian CWE-20
7.5