Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-37997 Use After Free vulnerability in multiple products
Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-11-23 CVE-2021-37998 Use After Free vulnerability in multiple products
Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2021-11-23 CVE-2021-38001 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-843
8.8
2021-11-23 CVE-2021-38003 Improper Handling of Exceptional Conditions vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-755
8.8
2021-11-22 CVE-2021-3935 Improper Certificate Validation vulnerability in multiple products
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption.
network
high complexity
pgbouncer redhat fedoraproject debian CWE-295
8.1
2021-11-19 CVE-2021-21898 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580.
network
low complexity
librecad debian fedoraproject CWE-119
8.8
2021-11-19 CVE-2021-21899 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580.
network
low complexity
librecad fedoraproject debian CWE-119
8.8
2021-11-19 CVE-2021-21900 Use After Free vulnerability in multiple products
A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580.
network
low complexity
librecad debian fedoraproject CWE-416
8.8
2021-11-19 CVE-2021-39921 NULL Pointer Dereference vulnerability in multiple products
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-476
7.5
2021-11-19 CVE-2021-39922 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-120
7.5