Vulnerabilities > Debian > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-24 | CVE-2021-28708 | PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. | 8.8 |
| 2021-11-23 | CVE-2021-37997 | Use After Free vulnerability in multiple products Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-11-23 | CVE-2021-37998 | Use After Free vulnerability in multiple products Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-11-23 | CVE-2021-38001 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-11-23 | CVE-2021-38003 | Improper Handling of Exceptional Conditions vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-11-22 | CVE-2021-3935 | Improper Certificate Validation vulnerability in multiple products When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. | 8.1 |
| 2021-11-19 | CVE-2021-21898 | A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
| 2021-11-19 | CVE-2021-21899 | A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
| 2021-11-19 | CVE-2021-21900 | A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. | 8.8 |
| 2021-11-19 | CVE-2021-39921 | NULL Pointer Dereference vulnerability in multiple products NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | 7.5 |