Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-19 CVE-2021-39924 Excessive Iteration vulnerability in multiple products
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-834
7.5
2021-11-19 CVE-2021-39925 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-120
7.5
2021-11-19 CVE-2021-39926 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-120
7.5
2021-11-19 CVE-2021-39929 Uncontrolled Recursion vulnerability in multiple products
Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-674
7.5
2021-11-19 CVE-2021-3973 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian CWE-122
7.8
2021-11-19 CVE-2021-3974 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian CWE-416
7.8
2021-11-18 CVE-2021-39928 NULL Pointer Dereference vulnerability in multiple products
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-476
7.5
2021-11-15 CVE-2021-43618 Integer Overflow or Wraparound vulnerability in multiple products
GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
network
low complexity
gmplib debian netapp CWE-190
7.5
2021-11-09 CVE-2021-43114 FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate.
network
low complexity
fort-validator-project debian
7.5
2021-11-08 CVE-2021-41771 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
network
low complexity
golang fedoraproject debian CWE-119
7.5