Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-12 | CVE-2020-35459 | Improper Privilege Management vulnerability in multiple products An issue was discovered in ClusterLabs crmsh through 4.2.1. | 7.2 |
2021-01-12 | CVE-2020-35653 | Out-of-bounds Read vulnerability in multiple products In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. | 7.1 |
2021-01-11 | CVE-2021-0308 | Out-of-bounds Write vulnerability in multiple products In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. | 7.2 |
2021-01-08 | CVE-2021-21116 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-01-08 | CVE-2021-21114 | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-01-08 | CVE-2021-21113 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-01-08 | CVE-2021-21112 | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-01-08 | CVE-2020-16043 | Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic. | 8.8 |
2021-01-08 | CVE-2020-26664 | Out-of-bounds Write vulnerability in multiple products A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | 7.8 |
2021-01-08 | CVE-2021-1056 | Incorrect Default Permissions vulnerability in multiple products NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | 7.1 |