Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-14 CVE-2021-27212 Reachable Assertion vulnerability in multiple products
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp.
network
low complexity
openldap debian CWE-617
7.5
2021-02-11 CVE-2020-35498 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in openvswitch.
network
low complexity
openvswitch debian fedoraproject CWE-400
7.5
2021-02-10 CVE-2021-0326 Out-of-bounds Write vulnerability in multiple products
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check.
7.5
2021-02-09 CVE-2021-21148 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-02-02 CVE-2021-21289 OS Command Injection vulnerability in multiple products
Mechanize is an open-source ruby library that makes automated web interaction easy.
network
high complexity
mechanize-project fedoraproject debian CWE-78
8.3
2021-01-29 CVE-2021-3347 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.10.11.
local
low complexity
linux debian fedoraproject CWE-416
7.8
2021-01-27 CVE-2021-3326 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
low complexity
gnu netapp oracle fujitsu debian CWE-617
7.5
2021-01-27 CVE-2021-26117 Improper Authentication vulnerability in multiple products
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server.
network
low complexity
apache netapp debian oracle CWE-287
7.5