Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-01 CVE-2021-36047 Improper Input Validation vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-20
7.8
2021-09-01 CVE-2021-36048 Improper Input Validation vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-20
7.8
2021-09-01 CVE-2021-36050 Out-of-bounds Write vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-787
7.8
2021-09-01 CVE-2021-36052 Access of Memory Location After End of Buffer vulnerability in multiple products
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-788
7.8
2021-09-01 CVE-2021-36055 Use After Free vulnerability in multiple products
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-416
7.8
2021-09-01 CVE-2021-36064 Buffer Underflow vulnerability in multiple products
XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-124
7.8
2021-09-01 CVE-2021-39847 Stack-based Buffer Overflow vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-121
7.8
2021-09-01 CVE-2021-33582 Algorithmic Complexity vulnerability in multiple products
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction.
network
low complexity
cyrus fedoraproject debian CWE-407
7.5
2021-08-31 CVE-2021-37701 Link Following vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens CWE-59
8.6
2021-08-31 CVE-2021-37712 Link Following vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens CWE-59
8.6