Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-16 | CVE-2020-21598 | Out-of-bounds Write vulnerability in multiple products libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. | 8.8 |
2021-09-16 | CVE-2021-34798 | NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. | 7.5 |
2021-09-16 | CVE-2021-36160 | Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). | 7.5 |
2021-09-16 | CVE-2021-41079 | Infinite Loop vulnerability in multiple products Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. | 7.5 |
2021-09-15 | CVE-2021-3796 | vim is vulnerable to Use After Free | 7.3 |
2021-09-15 | CVE-2021-3778 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
2021-09-14 | CVE-2021-41072 | Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. | 8.1 |
2021-09-13 | CVE-2021-41054 | Classic Buffer Overflow vulnerability in multiple products tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. | 7.5 |
2021-09-09 | CVE-2021-3761 | Out-of-bounds Write vulnerability in multiple products Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. | 7.5 |
2021-09-08 | CVE-2021-40346 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. | 7.5 |