Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2021-21167 Use After Free vulnerability in multiple products
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-03-09 CVE-2021-21166 Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian
8.8
2021-03-09 CVE-2021-21165 Race Condition vulnerability in multiple products
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-362
8.8
2021-03-09 CVE-2021-21162 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-03-09 CVE-2021-21161 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-03-09 CVE-2021-21160 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-03-09 CVE-2021-21159 Use After Free vulnerability in multiple products
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-03-01 CVE-2021-25329 The fix for CVE-2020-9484 was incomplete.
local
high complexity
apache debian oracle
7.0
2021-03-01 CVE-2021-25122 Information Exposure vulnerability in multiple products
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
network
low complexity
apache debian oracle CWE-200
7.5
2021-02-27 CVE-2020-35662 Improper Certificate Validation vulnerability in multiple products
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
network
high complexity
saltstack fedoraproject debian CWE-295
7.4