Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-32272 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in faad2 before 2.10.0.
local
low complexity
faad2-project debian CWE-787
7.8
7.8
2021-09-20 CVE-2021-32273 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in faad2 through 2.10.0.
local
low complexity
faad2-project debian CWE-787
7.8
7.8
2021-09-20 CVE-2021-32274 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in faad2 through 2.10.0.
local
low complexity
faad2-project debian CWE-787
7.8
7.8
2021-09-20 CVE-2021-32277 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in faad2 through 2.10.0.
local
low complexity
faad2-project debian CWE-787
7.8
7.8
2021-09-20 CVE-2021-32278 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in faad2 through 2.10.0.
local
low complexity
faad2-project debian CWE-787
7.8
7.8
2021-09-20 CVE-2021-38300 arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context.
local
low complexity
linux netapp debian
7.8
7.8
2021-09-19 CVE-2021-40690 All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element.
network
low complexity
apache debian oracle
7.5
7.5
2021-09-19 CVE-2021-41073 Release of Invalid Pointer or Reference vulnerability in multiple products
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
local
low complexity
linux debian fedoraproject netapp CWE-763
7.8
7.8
2021-09-17 CVE-2021-3803 nth-check is vulnerable to Inefficient Regular Expression Complexity
network
low complexity
nth-check-project debian
7.5
7.5
2021-09-17 CVE-2021-3805 object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
network
low complexity
object-path-project debian
7.5
7.5