Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-23 CVE-2021-4062 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-12-23 CVE-2021-4063 Use After Free vulnerability in multiple products
Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-12-23 CVE-2021-4064 Use After Free vulnerability in multiple products
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-12-23 CVE-2021-4065 Use After Free vulnerability in multiple products
Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-12-23 CVE-2021-4066 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-191
8.8
2021-12-23 CVE-2021-4067 Use After Free vulnerability in multiple products
Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-12-22 CVE-2021-43804 Out-of-bounds Read vulnerability in multiple products
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu debian CWE-125
7.3
2021-12-22 CVE-2021-44733 Race Condition vulnerability in multiple products
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11.
local
high complexity
linux redhat fedoraproject debian netapp CWE-362
7.0
2021-12-20 CVE-2021-44224 NULL Pointer Dereference vulnerability in multiple products
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).
8.2
2021-12-17 CVE-2021-4008 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.
local
low complexity
x-org fedoraproject debian CWE-119
7.8