Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-23 | CVE-2021-37997 | Use After Free vulnerability in multiple products Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-11-23 | CVE-2021-37998 | Use After Free vulnerability in multiple products Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-11-23 | CVE-2021-38001 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-11-23 | CVE-2021-38003 | Improper Handling of Exceptional Conditions vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-11-22 | CVE-2021-3935 | Improper Certificate Validation vulnerability in multiple products When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. | 8.1 |
2021-11-19 | CVE-2021-21898 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
2021-11-19 | CVE-2021-21899 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
2021-11-19 | CVE-2021-21900 | Use After Free vulnerability in multiple products A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
2021-11-19 | CVE-2021-39921 | NULL Pointer Dereference vulnerability in multiple products NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | 7.5 |
2021-11-19 | CVE-2021-39922 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | 7.5 |