Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-05 | CVE-2021-20305 | Out-of-bounds Write vulnerability in multiple products. A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. | 8.1 |
2021-04-02 | CVE-2021-1844 | Out-of-bounds Write vulnerability in multiple products. A memory corruption issue was addressed with improved validation. | 8.8 |
2021-04-02 | CVE-2021-1788 | Use After Free vulnerability in multiple products. A use after free issue was addressed with improved memory management. | 8.8 |
2021-03-30 | CVE-2021-29376 | ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the victim from an IRC server) via a crafted CTCP UTC message. | 7.5 |
2021-03-29 | CVE-2021-23358 | Code Injection vulnerability in multiple products. Versions of the underscore package from 1.13.0-0 and before 1.13.0-2, and from 1.3.2 and before 1.12.1, are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument, as it is not sanitized. | 7.2 |
2021-03-23 | CVE-2021-3444 | Incorrect Conversion between Numeric Types vulnerability in multiple products. The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. | 7.8 |
2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products. An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 7.5 |
2021-03-23 | CVE-2021-21349 | XStream is a Java library to serialize objects to XML and back again. | 8.6 |
2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products. XStream is a Java library to serialize objects to XML and back again. | 7.5 |
2021-03-23 | CVE-2021-21343 | XStream is a Java library to serialize objects to XML and back again. | 7.5 |