Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-10 CVE-2020-13936 An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache debian oracle
8.8
8.8
2021-03-09 CVE-2021-21300 Git is an open-source distributed revision control system.
network
high complexity
git-scm fedoraproject apple debian
7.5
7.5
2021-03-09 CVE-2020-35524 A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool.
local
low complexity
libtiff debian fedoraproject netapp redhat
7.8
7.8
2021-03-09 CVE-2020-35523 An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file.
local
low complexity
libtiff debian netapp redhat
7.8
7.8
2021-03-09 CVE-2021-21190 Use of Uninitialized Resource vulnerability in multiple products
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
network
low complexity
google fedoraproject debian CWE-908
8.8
8.8
2021-03-09 CVE-2021-21188 Use After Free vulnerability in multiple products
Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2021-03-09 CVE-2021-21180 Use After Free vulnerability in multiple products
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2021-03-09 CVE-2021-21179 Use After Free vulnerability in multiple products
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2021-03-09 CVE-2021-21174 Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
8.8
8.8
2021-03-09 CVE-2021-21172 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
8.1
8.1