Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-16 CVE-2021-21193 Use After Free vulnerability in multiple products
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-03-16 CVE-2021-21192 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-03-16 CVE-2021-21191 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-03-12 CVE-2020-36281 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
network
low complexity
leptonica debian fedoraproject CWE-125
7.5
2021-03-12 CVE-2020-36279 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.
network
low complexity
leptonica fedoraproject debian CWE-125
7.5
2021-03-12 CVE-2020-36278 Out-of-bounds Read vulnerability in multiple products
Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
network
low complexity
leptonica fedoraproject debian CWE-125
7.5
2021-03-11 CVE-2020-36277 Always-Incorrect Control Flow Implementation vulnerability in multiple products
Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
network
low complexity
leptonica fedoraproject debian CWE-670
7.5
2021-03-11 CVE-2021-21381 Injection vulnerability in multiple products
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
local
low complexity
flatpak debian fedoraproject CWE-74
8.2
2021-03-10 CVE-2021-21772 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0.
network
high complexity
3mf fedoraproject debian CWE-416
8.1
2021-03-10 CVE-2020-13936 An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache debian oracle
8.8