Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-28 | CVE-2021-31863 | Improper Input Validation vulnerability in multiple products Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process. | 7.5 |
2021-04-27 | CVE-2021-29472 | Composer is a dependency manager for PHP. | 8.8 |
2021-04-27 | CVE-2019-25041 | Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. | 7.5 |
2021-04-27 | CVE-2019-25040 | Infinite Loop vulnerability in multiple products Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. | 7.5 |
2021-04-27 | CVE-2019-25037 | Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. | 7.5 |
2021-04-27 | CVE-2019-25036 | Reachable Assertion vulnerability in multiple products Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. | 7.5 |
2021-04-26 | CVE-2021-21204 | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-26 | CVE-2021-21202 | Use After Free vulnerability in multiple products Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 8.6 |
2021-04-26 | CVE-2021-21203 | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-26 | CVE-2021-21214 | Use After Free vulnerability in multiple products Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. | 8.8 |