Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2021-3156 | Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193 | 7.8 |
| 2021-01-26 | CVE-2020-36230 | Reachable Assertion vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36229 | Type Confusion vulnerability in multiple products A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36228 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36227 | Infinite Loop vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36226 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36225 | Double Free vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36224 | Release of Invalid Pointer or Reference vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | 7.5 |
| 2021-01-26 | CVE-2020-36223 | Double Free vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | 7.5 |
| 2021-01-26 | CVE-2020-36222 | Reachable Assertion vulnerability in multiple products A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. | 7.5 |